Published: 02/05/2005 Updated: 03/08/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in gftp prior to 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnome gtk

Synopsis gftp security update Type/Severity Security Advisory: Moderate Topic An updated gFTP package that fixes a directory traversal issue is nowavailableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description gFTP is a multi-thread ...

Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client For the stable distribution (woody) this probl ...

CWE-22 http://www.debian.org/security/2005/dsa-686 http://www.gentoo.org/security/en/glsa/glsa-200502-27.xml http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000957 http://www.securityfocus.com/advisories/8379 http://www.securityfocus.com/advisories/8380 http://www.securityfocus.com/bid/12539 http://www.redhat.com/support/errata/RHSA-2005-410.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9923 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A717 https://access.redhat.com/errata/RHSA-2005:410 https://nvd.nist.gov https://www.debian.org/security/./dsa-686

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-0372

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect