Directory traversal

2008-03-3122:44:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "…" (dot dot backslash) in the filename.

CPENameOperatorVersion
file_transfereq1.2.100
file_transfereq1.2.99
file_transfereq1.2.101
file_transfereq1.2.98

Name	Operator	Version
file_transfer	eq	1.2.100
file_transfer	eq	1.2.99
file_transfer	eq	1.2.101
file_transfer	eq	1.2.98

References

secunia.com/advisories/29540

sourceforge.net/project/shownotes.php?group_id=178021&release_id=586923

sourceforge.net/tracker/index.php?func=detail&aid=1829601&group_id=178021&atid=883559

www.securityfocus.com/bid/28453

exchange.xforce.ibmcloud.com/vulnerabilities/41489