Buffy 'comb' Command Directory Traversal Vulnerability Network Vulnerability

Summary

Buffy is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to download and delete local files in the context of the webserver process which may aid in further attacks. Buffy 1.3 is vulnerable prior versions may also be affected.

References

http://www.smotricz.com/opensource/buffy/Buffy.zip
https://www.securityfocus.com/bid/44577

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FileCOPA FTP Server Multiple Directory Traversal Vulnerabilities
DataWizard FtpXQ Remote Denial of Service Vulnerability
Surge-FTP Admin Multiple Reflected Cross-site Scripting Vulnerabilities
RaidenFTPD Unauthorized File Access flaw
VicFTPS Directory Traversal Vulnerability

Take action and discover your vulnerabilities