PT-1999-1666 · Auto Ftp · Auto Ftp

Published

1999-10-05

Updated

2016-10-18

CVE-1999-1345

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Auto FTP version 0.2

Description: The issue concerns the Auto FTP.pl script in Auto FTP, which utilizes the /tmp/ftp tmp directory with insecure permissions. This setup allows local users to send arbitrary files to the remote server by placing them in the directory and to view files that are being transferred.

Recommendations: For Auto FTP version 0.2, consider changing the permissions of the /tmp/ftp tmp directory to secure it, or use a different directory with proper access controls to prevent unauthorized access and file manipulation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1345

Affected Products

Auto Ftp

PT-1999-1666 · Auto Ftp · Auto Ftp

CVE-1999-1345

Related Identifiers

Affected Products

References · 2