SunFTP Directory Traversal Network Vulnerability

Summary

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.

Solution

Switching to another FTP server, SunFTP is discontinued.

Severity

Classification

CVE CVE-2001-0283
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

Related Vulnerabilities

NcFTPD Symbolic Link Information Disclosure Vulnerability
Ipswitch WS_FTP Professional 'HTTP' Response Format String Vulnerability
Core FTP Server Directory Traversal Vulnerability
pyftpd Multiple Vulnerabilities
Wing FTP Server Denial of Service Vulnerability and Information Disclosure Vulnerability

SunFTP directory traversal

Take action and discover your vulnerabilities