Vulnerability Details CVE-2004-0676
Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows remote attackers to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://marc.info/?l=bugtraq&m=108904874104880&w=2
- http://www.haxorcitos.com/Fastream_advisory.txt
- http://www.securityfocus.com/bid/10658
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16613
- http://marc.info/?l=bugtraq&m=108904874104880&w=2
- http://www.haxorcitos.com/Fastream_advisory.txt
- http://www.securityfocus.com/bid/10658
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16613
Products affected by CVE-2004-0676
-
cpe:2.3:a:fastream:netfile_ftp_web_server:6.5.1.980
-
cpe:2.3:a:fastream:netfile_ftp_web_server:6.5.1.981
-
cpe:2.3:a:fastream:netfile_ftp_web_server:6.7.2.1085