CVE-2001-0054

Опубликовано: 16 фев. 2001

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-12/0043.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=97604119024280&w=2
http://www.osvdb.org/464
http://www.securityfocus.com/bid/2052
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5639
http://archives.neohapsis.com/archives/bugtraq/2000-12/0043.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=97604119024280&w=2
http://www.osvdb.org/464
http://www.securityfocus.com/bid/2052
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5639

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:solarwinds:serv-u_file_server:3.0.0.16:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.05084

Низкий

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-rggv-4m8c-3m5j

github

больше 3 лет назад