Lucene search
MitreCVELIST:CVE-2008-2399HistoryMay 22, 2008 - 10:00 a.m.
CVE-2008-2399
2008-05-2210:00:00
mitre
www.cve.org
Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via …\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
References
secunia.com/advisories/30284
vuln.sg/fireftp0971-en.html
www.kb.cert.org/vuls/id/906907
www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h
www.securityfocus.com/bid/29289
www.vupen.com/english/advisories/2008/1596/references
exchange.xforce.ibmcloud.com/vulnerabilities/42516
Related
cve
cve
prion
prion
Directory traversal
2008-05-22 13:09:00
Directory traversal
2008-06-13 19:41:00
Directory traversal
2008-06-03 14:32:00
nvd
nvd
cvelist
cvelist
cert
cert
Multiple FTP clients contain directory traversal vulnerabilities
2002-12-10 00:00:00
securityvulns
securityvulns
Directory Traversal Vulnerabilities in FTP Clients
2002-12-11 00:00:00
[NEWS] Directory Traversal Vulnerabilities in FTP Clients
2002-12-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2370
2024-03-12 08:35:15