2 matches found
CVE-2004-2769
Cerberus FTP Server before 4.0.3.0 is vulnerable. Remote authenticated users can list hidden files even when the Display hidden files option is disabled via MLSD/MLST commands. The Nessus NASL plugin for Cerberus FTP Server MLSD and MLST Command Hidden Files Security Bypass confirms affected vers...
Cerberus FTP Server MLSD and MLST Command Hidden Files Security Bypass
The version of Cerberus FTP server on the remote host is earlier than 4.0.3.0. Such versions are potentially affected by a security bypass vulnerability. The 'MLSD' and 'MLST' commands list hidden files despite the 'Display hidden files' option being disabled. A remote attacker, possibly...