4.6
CVE-2001-0582
- EPSS 0.56%
- Veröffentlicht 22.08.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginBen Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ben Spink ≫ Crushftp Ftp Server Version <= 2.1.6
Ben Spink ≫ Crushftp Ftp Server Version2.1.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.56% | 0.42 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2001-05/0036.html
http://www.kb.cert.org/vuls/id/110803
https://exchange.xforce.ibmcloud.com/vulnerabilities/6495