CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-1380

Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/archive/1/312032
http://www.securityfocus.com/bid/6873
https://exchange.xforce.ibmcloud.com/vulnerabilities/11347
http://www.securityfocus.com/archive/1/312032
http://www.securityfocus.com/bid/6873
https://exchange.xforce.ibmcloud.com/vulnerabilities/11347

Products affected by CVE-2003-1380

Bisonftp » Bisonftp Server 4 » Version: r2

cpe:2.3:h:bisonftp:bisonftp_server_4:r2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1380

Products

Pricing

Contact Us