Summary
The 'httpdx' program is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue allows an authenticated user to create directories outside the FTP root directory, which may lead to other attacks.
This issue affects httpdx 1.5
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 3D FTP Client Directory Traversal Vulnerability
- HP-UX ftpd glob() Expansion STAT Buffer Overflow
- SamiFTP Server 'RETR' Command Denial of Service Vulnerability
- FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability
- WS FTP server FTP bounce attack and PASV connection hijacking flaw