Lucene search
HistoryOct 19, 2010 - 8:00 p.m.
CVE-2009-5012
cve-2009-5012
ftp server
pyftpdlib
access restrictions
mlst command
6.1 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.9%
ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.
Related
osv
osv
PYSEC-2010-9
2010-10-19 20:00:00
Improper Access Control in pyftpdlib
2022-05-02 04:00:26
cvelist
cvelist
CVE-2009-5012
2022-10-03 16:24:01
debiancve
debiancve
CVE-2009-5012
2010-10-19 20:00:00
prion
prion
Session fixation
2010-10-19 20:00:00
github
github
Improper Access Control in pyftpdlib
2022-05-02 04:00:26
openvas
openvas
pyftpdlib FTP Server Multiple Vulnerabilities
2010-10-28 00:00:00
Fedora Update for pyftpdlib FEDORA-2010-16731
2010-11-16 00:00:00
pyftpdlib FTP Server Multiple Vulnerabilities
2010-10-28 00:00:00
nessus
nessus
Fedora 12 : pyftpdlib-0.5.2-1.fc12 (2010-16731)
2010-11-05 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: pyftpdlib-0.5.2-1.fc12
2010-11-04 23:28:10
6.1 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.9%
Related for CVE-2009-5012