PT-2010-1232 · Novell · Nwftpd.Nlm+1
Published
2010-04-05
·
Updated
2010-04-06
·
CVE-2007-6734
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Novell NetWare versions prior to 6.5 SP7 with NWFTPD.nlm before 5.08.07
Description
The issue is related to the improper implementation of the FTPREST.TXT NOREMOTE restriction in the FTP server. This allows remote authenticated users to access directories outside of the home server.
Recommendations
For versions prior to 6.5 SP7 with NWFTPD.nlm before 5.08.07, update NWFTPD.nlm to version 5.08.07 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nwftpd.Nlm
Novell Netware