Vulnerability Details CVE-2004-2674
Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.7%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/11002
- http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
- http://www.osvdb.org/11333
- http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
- http://www.securityfocus.com/bid/9770
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15411
- http://secunia.com/advisories/11002
- http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
- http://www.osvdb.org/11333
- http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
- http://www.securityfocus.com/bid/9770
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15411
Products affected by CVE-2004-2674
-
cpe:2.3:a:argosoft:ftp_server:1.2.2.2