Lucene search

[email protected]CVE-2013-5655

HistoryMay 14, 2014 - 7:55 p.m.

CVE-2013-5655

2014-05-1419:55:10

CWE-22

[email protected]

web.nvd.nist.gov

cve-2013-5655

directory traversal

ftp server

yingzhi

python

ios

security vulnerability

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a … (dot dot) in the default URI.

Affected configurations

NVD

Node

xiaowen_huangyingzhi_python_programming_languageMatch1.9iphone_os

CPENameOperatorVersion
xiaowen_huang:yingzhi_python_programming_languagexiaowen huang yingzhi python programming languageeq1.9

CPE	Name	Operator	Version
xiaowen_huang:yingzhi_python_programming_language	xiaowen huang yingzhi python programming language	eq	1.9

References

osvdb.org/96719

www.openwall.com/lists/oss-security/2013/08/29/8

www.openwall.com/lists/oss-security/2013/08/30/2

www.securityfocus.com/bid/62074

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

Related for CVE-2013-5655

cvelist1 nvd1 prion1