ID |
CVE-1999-1345
|
Summary |
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.6 (as of 18-10-2016 - 02:03) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bugtraq | 19991005 Auto_FTP v0.02 Advisory |
|
Last major update |
18-10-2016 - 02:03 |
Published |
05-10-1999 - 04:00 |
Last modified |
18-10-2016 - 02:03 |