CVE-2005-0278

Name of the Vulnerable Software and Affected Versions 3CDaemon version 2.0 revision 10

Description The issue allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name. This reveals the installation path in an error message.

Recommendations For version 2.0 revision 10, consider restricting access to the FTP service until a fix is available. As a temporary workaround, avoid using MS-DOS device names in cd commands to minimize the risk of information disclosure.