Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error messages depending on whether the file exists or not.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2004-12-31 05:00
Updated : 2024-02-28 10:42
NVD link : CVE-2004-2747
Mitre link : CVE-2004-2747
CVE.ORG link : CVE-2004-2747
JSON object : View
Products Affected
pablo_software_solutions
- quick_n_easy_ftp_server
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')