Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2889

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2889
Last Modified 07 Mar 2011 10:09:53
Published 27 Jun 2008 02:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2889

Summary

Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.

Vulnerable Systems

Application

  • Wise-ftp 4.1.0

  • Wise-ftp 5.5.8


References

CONFIRM - http://www.wise-ftp.com/news/index.htm

VUPEN - ADV-2008-1898

BID - 29844

MISC - http://vuln.sg/wiseftp558-en.html

SECUNIA - 30788

SECUNIA - 30663


Last Updated: 27 May 2016 10:48:01