#VU25576 Path traversal in Apache James - CVE-2015-7611
Published: February 25, 2020
Vulnerability identifier: #VU25576
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2015-7611
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Apache James
Apache James
Software vendor:
Apache Foundation
Apache Foundation
Description
The vulnerability allows a remote authenticated user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within username when creating new user account in Apache James Remote Administration Tool. A remote authenticated user can send a specially crafted POP3 request to create a user with malicious username and then execute the code, stored in the username by sending an email to this particular recipient.
Remediation
Install update from vendor's website.
External links
- http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html
- http://www.openwall.com/lists/oss-security/2015/09/30/7
- http://www.openwall.com/lists/oss-security/2015/10/01/2
- http://www.securityfocus.com/archive/1/536575/100/0/threaded
- https://blogs.apache.org/james/entry/apache_james_server_2_3