Vulnerability Details CVE-2002-1054
Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.067
EPSS Ranking 90.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0035.html
- http://online.securityfocus.com/archive/1/283665
- http://www.iss.net/security_center/static/9647.php
- http://www.osvdb.org/4995
- http://www.pablovandermeer.nl/ftpserversrc.zip
- http://www.securityfocus.com/bid/5283
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0035.html
- http://online.securityfocus.com/archive/1/283665
- http://www.iss.net/security_center/static/9647.php
- http://www.osvdb.org/4995
- http://www.pablovandermeer.nl/ftpserversrc.zip
- http://www.securityfocus.com/bid/5283
Products affected by CVE-2002-1054
-
cpe:2.3:a:pablo_software_solutions:pablo_ftp_server:1.0_build_9