CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-2635

Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.8%

CVSS Severity

CVSS v2 Score 9.3

References

http://secunia.com/advisories/30532
http://vuln.sg/bitkinex293-en.html
http://www.vupen.com/english/advisories/2008/1738/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42842
http://secunia.com/advisories/30532
http://vuln.sg/bitkinex293-en.html
http://www.vupen.com/english/advisories/2008/1738/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42842

Products affected by CVE-2008-2635

Barad Dur » Bitkinex » Version: 2.9.3

cpe:2.3:a:barad_dur:bitkinex:2.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-2635

Products

Pricing

Contact Us