CVE-2008-5275

Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/30611	Vendor Advisory
http://vuln.sg/net2ftp096-en.html
http://www.securityfocus.com/bid/29664
https://exchange.xforce.ibmcloud.com/vulnerabilities/42994

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:net2ftp:net2ftp:0.96:stable::::::
	cpe:2.3:a:net2ftp:net2ftp:0.97:beta::::::

History

No history.

Information

Published : 2008-11-28 19:00

Updated : 2024-02-28 11:21

NVD link : CVE-2008-5275

Mitre link : CVE-2008-5275

CVE.ORG link : CVE-2008-5275

JSON object : View

Products Affected

net2ftp

net2ftp

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2008-5275", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2008-11-28T19:00:08.517", "references": [{"url": "http://secunia.com/advisories/30611", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://vuln.sg/net2ftp096-en.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29664", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42994", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in the (a) \"Unzip archive\" and (b) \"Upload files and archives\" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en las funcionalidades (a) \"Unzip archive\" y (b) \"Upload files and archives\" en et2ftp v0.96 estable y v0.97 beta permite a atacantes remotos crear, leer, o borrar ficheros de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en un nombre de fichero con un archivo (1) TAR o (2) ZIP.\r\nNOTA: esto se puede aprovechar para la ejecuci\u00f3n de c\u00f3digo mediante la creaci\u00f3n de un fichero .php."}], "lastModified": "2017-08-08T01:33:13.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:net2ftp:net2ftp:0.96:stable:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E15C2167-3D5C-45D6-A3A4-D1AF76E097DC"}, {"criteria": "cpe:2.3:a:net2ftp:net2ftp:0.97:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F20497E-1230-4784-9282-C03FDAA1A30A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}