Описание
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:texas_imperial_software:wftpd:2.41_rc14:*:*:*:*:*:*:*
cpe:2.3:a:texas_imperial_software:wftpd:2.41_rc14:*:pro:*:*:*:*:*
cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:pro:*:*:*:*:*
EPSS
Процентиль: 46%
0.00235
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
EPSS
Процентиль: 46%
0.00235
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other