Lucene search

[email protected]CVE-2004-1679

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1679

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

cve

2004

1679

directory traversal

twinftp

remote attackers

arbitrary files

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.7%

JSON

Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a …/ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands.

Affected configurations

NVD

Node

jigunettwinftp_enterpriseMatch1.0.3_r2

jigunettwinftp_standardMatch1.0.3_r2

CPENameOperatorVersion
jigunet:twinftp_enterprisejigunet twinftp enterpriseeq1.0.3_r2
jigunet:twinftp_standardjigunet twinftp standardeq1.0.3_r2

CPE	Name	Operator	Version
jigunet:twinftp_enterprise	jigunet twinftp enterprise	eq	1.0.3_r2
jigunet:twinftp_standard	jigunet twinftp standard	eq	1.0.3_r2

References

marc.info/?l=bugtraq&m=109509243831121&w=2

secunia.com/advisories/12511/

www.security.org.sg/vuln/twinftp103r2.html

www.securityfocus.com/bid/11159

exchange.xforce.ibmcloud.com/vulnerabilities/17323

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.7%

JSON

Related for CVE-2004-1679

nvd1 cvelist1 nessus1