CVE-2004-2674

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument.

Ссылки

http://secunia.com/advisories/11002
Patch
http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
http://www.osvdb.org/11333
http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
http://www.securityfocus.com/bid/9770
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15411
http://secunia.com/advisories/11002
Patch
http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
http://www.osvdb.org/11333
http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
http://www.securityfocus.com/bid/9770
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15411

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:argosoft:ftp_server:*:*:*:*:*:*:*:*

Версия до 1.4.1.5 (включая)

EPSS

Процентиль: 67%

0.00533

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6684-xr7v-79r6

github

почти 4 года назад