Path traversal

2008-03-1017:44:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command.

CPENameOperatorVersion
escaneq9.0.742.98 corporate
escan_management_consoleeq9.0.742.1
escan_servereq9.0.742.1

Name	Operator	Version
escan	eq	9.0.742.98 corporate
escan_management_console	eq	9.0.742.1
escan_server	eq	9.0.742.1

References

aluigi.altervista.org/adv/escaz-adv.txt

secunia.com/advisories/29246

securityreason.com/securityalert/3723

www.securityfocus.com/archive/1/489228/100/0/threaded

www.securityfocus.com/bid/28127

exchange.xforce.ibmcloud.com/vulnerabilities/41033