CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1277

The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.6%

CVSS Severity

CVSS v2 Score 5.0

References

http://tigger.uic.edu/~jlongs2/holes/iglooftp2.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/18561
http://tigger.uic.edu/~jlongs2/holes/iglooftp2.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/18561

Products affected by CVE-2004-1277

Iglooftp » Iglooftp » Version: 0.6.1

cpe:2.3:a:iglooftp:iglooftp:0.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1277

Products

Pricing

Contact Us