Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2894

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2894
Last Modified 07 Mar 2011 10:09:54
Published 27 Jun 2008 02:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2894

Summary

Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.

Vulnerable Systems

Application

  • Nch Software Classic Ftp 1.02


References

XF - classicftp-list-directory-traversal(43230)

VUPEN - ADV-2008-1899

BID - 29846

MISC - http://vuln.sg/classicftp102-en.html

SECUNIA - 30708


Last Updated: 27 May 2016 10:48:01