2 matches found
CVE-2003-1380
CVE-2003-1380 describes a directory traversal vulnerability in BisonFTP Server 4 release 2 that allows remote attackers to list directories above the root with commands like 'ls @../' or 'mget @../FILE' . The root cause is improper handling of path traversal in the FTP server, enabling access to ...
CVE-2003-1416
CVE-2003-1416 affects BisonFTP Server 4 release 2 . The vulnerability allows remote denial of service (CPU consumption) triggered by abnormally long commands: either a long ls or a long cwd. The CVSS data indicates a network attack vector with no authentication required and a partial impact on av...