Robo-FTP Directory Traversal Vulnerability Network Vulnerability

Summary

This host is installed with Robo-FTP and is prone to directory traversal vulnerability.

Impact

Successful exploitation will allow attacker to download or upload arbitrary files. This may aid in further attacks. Impact Level: Application

Solution

Upgrade to Robo-FTP version 3.7.5 or later, For updates refer to http://www.robo-ftp.com/download/

Insight

This flaw is due to an input validation error when downloading directories containing files with directory traversal specifiers in the filename. This can be exploited to download files to an arbitrary location on a user's system.

Affected

Robo-FTP versions prior to 3.7.5.

References

http://secunia.com/advisories/41809
http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_robo_ftp.html
http://xforce.iss.net/xforce/xfdb/62548

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4095
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Code Execution and DoS Vulnerabilities (Windows)
Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe Flash Media Server multiple vulnerabilities
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe AIR Security Bypass Vulnerability Jan14 (Windows)

Take action and discover your vulnerabilities