Oops, it seems that there is a directory traversal vuln in IronMail’s IronWebMail product. The good folks at Secunia have it listed as Moderately critical. There is a patch available. Here’s the advisory text.
“Description:
Derek Callaway has reported a vulnerability in IronMail, which can be exploited by malicious people to gain knowledge of sensitive information.
An input validation error in the IronWebMail web service makes it possible to access arbitrary files outside the web root via directory traversal attacks.
Example:
GET /IM_FILE(%252e%252e/%252e%252e/%252e%252e) HTTP/1.0[CRLF][CRLF]
The vulnerability is reported in versions 5.0.1 and 6.1.1. Other versions may also be affected.
Solution:
Apply IronMail 6.1.1 HotFix-17.”
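The advisory's example hides each `..` behind two layers of percent-encoding (`%252e` decodes to `%2e`, which decodes to `.`), so a check that decodes the request target only once never sees the traversal. The following Python is an added example, not code from the advisory or the vendor: it decodes a request target repeatedly and reports how many rounds it takes for a `..` path segment to appear. The function names, the `MAX_ROUNDS` bound and every sample request line other than the advisory's own are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

MAX_ROUNDS = 5  # assumption: how many nested encoding layers we unwrap

# ".." as a whole path segment, delimited by /, \, parentheses or string ends
DOTDOT = re.compile(r"(?:^|[/\\(])\.\.(?:[/\\)]|$)")

def traversal_depth(target):
    """Return how many percent-decoding rounds expose a '..' segment
    (0 = plain, 2 = double-encoded), or None if none is found."""
    current = target
    for rounds in range(MAX_ROUNDS + 1):
        if DOTDOT.search(current):
            return rounds
        decoded = unquote(current)
        if decoded == current:  # fully decoded, nothing left to unwrap
            return None
        current = decoded
    return None  # nesting deeper than MAX_ROUNDS is not unwrapped

def scan(request_lines):
    """Yield (target, depth) for request lines whose target contains traversal."""
    for line in request_lines:
        parts = line.split(" ")
        if len(parts) < 2:
            continue  # not a "METHOD target VERSION" request line
        depth = traversal_depth(parts[1])
        if depth is not None:
            yield parts[1], depth

# Constructed sample request lines; the second is the advisory's example.
SAMPLE = [
    "GET /index.html HTTP/1.0",
    "GET /IM_FILE(%252e%252e/%252e%252e/%252e%252e) HTTP/1.0",
    "GET /docs/../secret HTTP/1.0",
    "GET /a%2e%2e/b HTTP/1.0",          # decodes to "a..", not a ".." segment
    "GET /report..final.pdf HTTP/1.0",  # dots inside a file name
]

if __name__ == "__main__":
    for target, depth in scan(SAMPLE):
        print(f"{depth} decode round(s): {target}")
```

A depth of 2 or more on a request target is a useful detection signal in its own right, since ordinary clients have no reason to double-encode a dot.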