Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0587

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0587
Last Modified 10 Sep 2008 03:05:09
Published 26 Jun 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0587

Summary

The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.

Vulnerable Systems

Application

  • Glftpd 1.18

  • Glftpd 1.19

  • Glftpd 1.20

  • Glftpd 1.21b1

  • Glftpd 1.21b2

  • Glftpd 1.21b3

  • Glftpd 1.21b4

  • Glftpd 1.21b5

  • Glftpd 1.21b6

  • Glftpd 1.21b7

  • Glftpd 1.21b8


References

BUGTRAQ - 20000626 Glftpd privpath bugs... +fix

BID - 1401

BUGTRAQ - 20000627 Re: Glftpd privpath bugs... +fix


Last Updated: 27 May 2016 10:35:46