Vulnerability Details CVE-2005-1480
Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\\" (dot dot backslash) in the urlget site command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.079
EPSS Ranking 91.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://forum.raidenftpd.com/showflat.php?Board=UBB13&Number=45685
- http://marc.info/?l=bugtraq&m=111507556127582&w=2
- http://secunia.com/advisories/15037
- http://www.osvdb.org/15713
- http://www.securityfocus.com/bid/13292
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20368
- http://forum.raidenftpd.com/showflat.php?Board=UBB13&Number=45685
- http://marc.info/?l=bugtraq&m=111507556127582&w=2
- http://secunia.com/advisories/15037
- http://www.osvdb.org/15713
- http://www.securityfocus.com/bid/13292
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20368
Products affected by CVE-2005-1480
-
cpe:2.3:a:raiden_professional_servers:raidenftpd:*