Path traversal in Apache James - CVE-2015-7611

Published: February 25, 2020


Vulnerability identifier: #VU25576
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2015-7611
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vendor: Apache Foundation
Affected software:
Apache James

Detailed vulnerability description

The vulnerability allows a remote authenticated user to perform directory traversal attacks.

The vulnerability exists due to an input validation error when processing directory traversal sequences within the username when creating a new user account in the Apache James Remote Administration Tool. A remote authenticated user can send a specially crafted POP3 request to create a user with a malicious username and then execute the code stored in the username by sending an email to that recipient.
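As an added example (not Apache James code), the kind of containment check that closes this defect class: the naive mapping from username to mailbox directory, shown beside a validator that allow-lists the username and verifies the resolved directory stays inside the mail repository. The base path and usernames are constructed for illustration.

```python
import os
import re

# Hypothetical allow-list for mailbox names: letters, digits, dot, underscore, dash.
# Note that "." and ".." still match, so a second, path-based check is required.
_USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def resolve_mailbox_dir(base_dir: str, username: str) -> str:
    """Naive mapping (the CWE-22 defect): build the directory from the
    username verbatim, so '../' sequences walk out of the repository."""
    base = os.path.realpath(base_dir)
    return os.path.realpath(os.path.join(base, username))


def is_contained(base_dir: str, path: str) -> bool:
    """True only if the canonical `path` lies strictly below canonical `base_dir`."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(path)
    try:
        return os.path.commonpath([base, target]) == base and target != base
    except ValueError:  # different drives on Windows: treat as outside
        return False


def username_is_safe(base_dir: str, username: str) -> bool:
    """Two independent checks, so a bypass of one is still caught by the other:
    an allow-list on the raw string and containment of the resolved directory."""
    if not _USERNAME_RE.fullmatch(username):
        return False
    return is_contained(base_dir, os.path.join(base_dir, username))


if __name__ == "__main__":
    base = "/srv/james/var/mail"  # constructed repository root
    for name in ("alice", "..", "../../../../tmp/outside"):
        print(f"{name!r}: dir={resolve_mailbox_dir(base, name)} "
              f"safe={username_is_safe(base, name)}")
```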


How to mitigate CVE-2015-7611

Install the update from the vendor's website.
