PT-2002-1608 · Typsoft · Typsoft Ftp Server

Publicado

2002-06-11

Atualizado

2008-09-05

CVE-2002-0558

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions TYPSoft FTP server versions 0.97.1 and earlier

Description A directory traversal issue allows a remote authenticated user to list arbitrary directories by using a .. in a LIST (ls) command ending in wildcard . characters.

Recommendations For versions 0.97.1 and earlier, consider restricting access to the LIST command or limiting the use of wildcard characters in commands until a fix is available. As a temporary workaround, restrict the ability to list directories using the .. notation in the LIST command.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0558

Produtos afetados

Typsoft Ftp Server

PT-2002-1608 · Typsoft · Typsoft Ftp Server

CVE-2002-0558

Identificadores relacionados

Produtos afetados

Referências · 4