CVE-2006-2917

Published: Jul 10, 2006Modified: Apr 16, 2026

5.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability: 8.0 / Impact: 4.9

Source: NVD

Description

Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.

Affected (2)

Products: Qbik: Wingate

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Qbik Wingate	Version 6.1.2.1094
Qbik Wingate	Version 6.1.3.1096

References (10)

http://secunia.com/advisories/20707

Source: PSIRT-CNA@flexerasoftware.com

PatchVendor Advisory

http://secunia.com/secunia_research/2006-48/advisory/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://www.securityfocus.com/bid/18908

Source: PSIRT-CNA@flexerasoftware.com

http://www.vupen.com/english/advisories/2006/2730

Source: PSIRT-CNA@flexerasoftware.com

http://www.wingate.com/download.php

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/20707

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/secunia_research/2006-48/advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/18908

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2730

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wingate.com/download.php

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.