CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2446

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1070%
EPSS Percentile14.17th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.

Affected Platforms (CPE)

πŸ“¦
1st Class Internet Solutions

1st Class Mail Server

= 4.01

References & Advisories

πŸ”— http://members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt
πŸ”— http://secunia.com/advisories/11330
πŸ”— http://securitytracker.com/alerts/2004/Apr/1009705.html
πŸ”— http://www.osvdb.org/5011
πŸ”— http://www.securityfocus.com/bid/10089
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15812
πŸ”— http://members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt
πŸ”— http://secunia.com/advisories/11330

Related Vulnerabilities

CVE-2004-23757.5

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and p...

CVE-2004-24474.3

Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or H...

CVE-2004-100610.0

Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via cer...

CVE-2004-101210.0

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arb...