CVE-2001-0491 - Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to acce

CVE-2001-0491

Summary

Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST.

References

http://archives.neohapsis.com/archives/bugtraq/2001-04/0465.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6455

Vulnerable Configurations

cpe:2.3:a:team_johnlong:raidenftpd:2.1_build_947:*:*:*:*:*:*:*
cpe:2.3:a:team_johnlong:raidenftpd:2.1_build_947:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 19-12-2017 - 02:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bugtraq	20010425 Vulnerabilities in RaidenFTPD Server
xf	raidenftpd-dot-directory-traversal(6455)

Last major update

19-12-2017 - 02:29

Published

27-06-2001 - 04:00

Last modified

19-12-2017 - 02:29