Vulnerability Description
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| University Of Washington | Uw-Imap | 2001.0a |
References
- http://online.securityfocus.com/archive/1/275127
- http://www.security.nnov.ru/advisories/courier.aspVendor Advisory
- http://www.securityfocus.com/bid/4909
- http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9238
- http://online.securityfocus.com/archive/1/275127
- http://www.security.nnov.ru/advisories/courier.aspVendor Advisory
- http://www.securityfocus.com/bid/4909
- http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9238
FAQ
What is CVE-2002-1782?
CVE-2002-1782 is a vulnerability with a CVSS score of 2.1 (LOW). The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary...
How severe is CVE-2002-1782?
CVE-2002-1782 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1782?
Check the references section above for vendor advisories and patch information. Affected products include: University Of Washington Uw-Imap.