CVE-2001-0255

Published: 02/06/2001 Updated: 19/12/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

FaSTream FTP++ Server 2.0 allows remote malicious users to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.

Vulnerable Product

fastream fastream ftp++ server 2.0

fastream fastream ftp server 2.0beta_11

Exploits

source: www.securityfocus.com/bid/2267/info

It is possible for a remote user to gain read permissions outside of the Fastream FTP++ Server directory. By requesting an 'ls' command along with the drive name, Fastream FTP++ will disclose the contents of the requested drive.

ftp> pwd
257 "/C:/FTPROOT/" is current directory
ftp> ls c ...