PT-2014-3703 · Attachmate · Attachmate Reflection Ftp Client

Rgod

Publicado

2014-08-12

Atualizado

2015-02-09

CVE-2014-0604

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Attachmate Reflection FTP Client versions prior to 14.1.429

Description The issue is related to a directory traversal vulnerability in the rftpcom.dll ActiveX control. This vulnerability allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method.

Recommendations For versions prior to 14.1.429, update to version 14.1.429 or later to resolve the issue. As a temporary workaround, consider disabling the StartLog method in the rftpcom.dll ActiveX control until a patch is applied.

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2014-0604

ZDI-14-289

Produtos afetados

Attachmate Reflection Ftp Client

PT-2014-3703 · Attachmate · Attachmate Reflection Ftp Client

CVE-2014-0604

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4