Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2822

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2822
Last Modified 07 Mar 2011 10:09:48
Published 23 Jun 2008 01:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2822

Summary

Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command.

Vulnerable Systems

Application

  • 3dftp 3d-ftp Client 8.01


References

XF - 3dftp-list-mlsd-directory-traversal(43095)

VUPEN - ADV-2008-1853

BID - 29749

CONFIRM - http://www.3dftp.com/3dftp_versions.htm

MISC - http://vuln.sg/3dftp801-en.html

SECUNIA - 30651


Last Updated: 27 May 2016 10:48:00