Lucene search

[email protected]CVE-2002-1054

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1054

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

pablo ftp server

directory traversal

vulnerability

remote authenticated users

list command

7.1 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.115 Low

EPSS

Percentile

95.2%

JSON

Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "…" (dot-dot backslash) sequences in a LIST command.

CPENameOperatorVersion
pablo_software_solutions:pablo_ftp_serverpablo software solutions pablo ftp servereq1.0_build_9

CPE	Name	Operator	Version
pablo_software_solutions:pablo_ftp_server	pablo software solutions pablo ftp server	eq	1.0_build_9

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0035.html

online.securityfocus.com/archive/1/283665

www.iss.net/security_center/static/9647.php

www.osvdb.org/4995

www.pablovandermeer.nl/ftpserversrc.zip

www.securityfocus.com/bid/5283

7.1 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.115 Low

EPSS

Percentile

95.2%

JSON