Lucene search

[email protected]CVE-2006-1383

HistoryMar 24, 2006 - 11:02 a.m.

CVE-2006-1383

2006-03-2411:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1383

directory traversal

baby ftp server

babyftp

remote authenticated users

document root

vulnerability

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

JSON

Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of files outside the intended document root via unspecified manipulations, which generate different error messages depending on whether a file exists or not.

Affected configurations

NVD

Node

pablo_software_solutionsbaby_ftp_serverMatch1.24

CPENameOperatorVersion
pablo_software_solutions:baby_ftp_serverpablo software solutions baby ftp servereq1.24

CPE	Name	Operator	Version
pablo_software_solutions:baby_ftp_server	pablo software solutions baby ftp server	eq	1.24

References

secunia.com/advisories/19338

www.osvdb.org/24057

www.securityfocus.com/bid/17205

www.vupen.com/english/advisories/2006/1069

exchange.xforce.ibmcloud.com/vulnerabilities/25413

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

JSON

Related for CVE-2006-1383

prion1 cvelist1 nvd1