Vulnerability Details CVE-2000-1101
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
- http://www.iss.net/security_center/static/5608.php
- http://www.securityfocus.com/bid/2005
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
- http://www.iss.net/security_center/static/5608.php
- http://www.securityfocus.com/bid/2005
Products affected by CVE-2000-1101
-
cpe:2.3:a:texas_imperial_software:wftpd:2.41_rc14
-
cpe:2.3:a:texas_imperial_software:wftpd:3.0