The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0780
Reference (s):
- BID:1617
- URL: http://www.securityfocus.com/bid/1617
- BUGTRAQ:20000830 Vulnerability Report On IPSWITCH’s IMail
- URL: http://marc.info/?l=bugtraq&m=96767207207553&w=2
- http://www.ipswitch.com/Support/IMail/news.html