PT-2001-2084 · Cooolsoft · Cooolsoft Powerftp Server

Published

2001-11-28

Updated

2017-12-19

CVE-2001-0931

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cooolsoft PowerFTP Server version 2.03

Description A directory traversal issue allows attackers to list or read arbitrary files and directories by using a .. (dot dot) in the LS or GET commands.

Recommendations For Cooolsoft PowerFTP Server version 2.03, consider restricting access to the LS and GET commands until a patch is available. As a temporary workaround, limit the ability to traverse directories using the .. (dot dot) sequence to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0931

Affected Products

Cooolsoft Powerftp Server

PT-2001-2084 · Cooolsoft · Cooolsoft Powerftp Server

CVE-2001-0931

Related Identifiers

Affected Products

References · 4