CVE-2000-0318

Name of the Vulnerable Software and Affected Versions Atrium Mercur Mail Server version 3.2

Description The issue allows local attackers to read other users' email and create arbitrary files via a dot dot (..) attack. This attack involves manipulating file paths to access or modify files outside the intended directory.

Recommendations For Atrium Mercur Mail Server version 3.2, consider restricting local access to the mail server to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the ability of local users to create arbitrary files on the server. At the moment, there is no information about a newer version that contains a fix for this vulnerability.