CVE-2003-1299

Sažetak

Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.

Reference

http://packetstormsecurity.org/0305-exploits/baby.txt
http://www.osvdb.org/24538
http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html
http://www.securityfocus.com/bid/7749

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

28-11-2016 - 19:06

Objavljeno

31-12-2003 - 05:00