PT-2001-1523 · Typsoft · Typsoft Ftp Server

Publicado

2001-04-04

Atualizado

2008-09-05

CVE-2001-0294

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions TYPSoft FTP Server version 0.85

Description The issue allows remote attackers to read arbitrary files. This can be achieved via a directory traversal attack by including a .. (dot dot) in a GET command or a ... in a CWD command.

Recommendations For TYPSoft FTP Server version 0.85, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available. Avoid using the .. (dot dot) sequence in GET commands and the ... sequence in CWD commands to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2001-0294

Produtos afetados

Typsoft Ftp Server

PT-2001-1523 · Typsoft · Typsoft Ftp Server

CVE-2001-0294

Identificadores relacionados

Produtos afetados

Referências · 2