CVE-2010-4153

{"id": "CVE-2010-4153", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-11-03T20:00:03.873", "references": [{"url": "http://secunia.com/advisories/41852", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_crossftp_pro.html", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/68700", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/44070", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62549", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/41852", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_crossftp_pro.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/68700", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/44070", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62549", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a \"..\\\" (dot dot backslash) in a filename."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en CrossFTP Pro v1.65a y posiblemente versiones previas, permite a servidores FTP remotos crear archivos de su elecci\u00f3n a trav\u00e9s de la secuencia \"..\\\" en el nombre de archivo."}], "lastModified": "2024-11-21T01:20:19.353", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:crossftp:crossftp_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53120C61-E457-4331-9A43-AE1E8ADCF09B", "versionEndIncluding": "1.65a"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E084FFA7-7591-4ABC-8CDE-D2FD865C0207"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06BFC7EA-F34E-4CB0-964C-8D728F380B7C"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C564B2E-2A7E-4012-9374-EF4506D498C3"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D7EE7D9-6245-4300-A110-DDC9D7D39675"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECEB9274-7900-48E0-9E1B-E8FCBC315F31"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "287A0457-E738-4CAC-B44D-5731EC91A022"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD4BA2D1-E5AC-45CA-997A-F1C3D2DD8B48"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3425DE23-2210-4B67-8924-F715F4EF02D9"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B045F0-0ABC-48D0-B50F-12BF319F6C84"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26C1A77D-8457-42E8-9183-127DA33F2655"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D5CD13D-51B7-49F7-A4C9-91316E5FC112"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B02DD81-5BB3-4D7D-9592-3F7E89632E2F"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37305540-737C-4467-8CA3-2489D3BEC2A8"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C64EA42-A5F6-4A4C-9972-C68755B66040"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "258EB714-AC71-4C74-BF6E-1C57A4F7983E"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94C353DD-D09B-4023-8765-110A37364724"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D0D5336-0306-4F23-8FC2-AEE856F9A97E"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B4D40D9-3763-4F1A-80C4-B1C8C4C1736A"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "405DCB68-F769-410E-86F5-F74A8F4CD004"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30DF8A69-B7EB-4DF2-B2FE-19A04E4A6BD2"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0786C1D-D0A4-48AD-9A6B-A07CA52D2EE4"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D810E9FA-B43C-4845-B9FB-C08A1A278D11"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C94C53D4-8EBE-4C10-A48C-F33B2DA14090"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1779BE1-B364-4A7E-B335-A55D598CB271"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9E28839-BF19-4F5D-B602-C0F8AB2D7744"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40FE0B26-3EAA-4D98-9E3F-401DCD86A8AF"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0881CF1-4DD1-411C-8627-4571FAF26AA3"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C66C878-AE67-42AE-9B66-0A07AA71A7DB"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB3D0B5F-F0A1-4E01-8C0E-7BD19E697CAF"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72433164-9035-4CB5-B584-95E88EF7C7E4"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C88ED85B-D6CC-4B50-91CE-41B8B3B17EFA"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39DE12B2-5E52-4CC1-BF3A-3CBD67358BA2"}, {"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0262C5E7-B0A7-4806-BCD6-656CFD98D179"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}