Vulnerability Details CVE-2000-0587
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.6%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0317.html
- http://www.securityfocus.com/bid/1401
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006261041360.31907-200000%40twix.thrijswijk.nl
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0317.html
- http://www.securityfocus.com/bid/1401
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006261041360.31907-200000%40twix.thrijswijk.nl
Products affected by CVE-2000-0587
-
cpe:2.3:a:glftpd:glftpd:1.18
-
cpe:2.3:a:glftpd:glftpd:1.19
-
cpe:2.3:a:glftpd:glftpd:1.20
-
cpe:2.3:a:glftpd:glftpd:1.21b1
-
cpe:2.3:a:glftpd:glftpd:1.21b2
-
cpe:2.3:a:glftpd:glftpd:1.21b3
-
cpe:2.3:a:glftpd:glftpd:1.21b4
-
cpe:2.3:a:glftpd:glftpd:1.21b5
-
cpe:2.3:a:glftpd:glftpd:1.21b6
-
cpe:2.3:a:glftpd:glftpd:1.21b7
-
cpe:2.3:a:glftpd:glftpd:1.21b8