Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5175

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5175
Last Modified 07 Mar 2011 10:14:06
Published 19 Nov 2008 01:11:50
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5175

Summary

Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.

Vulnerable Systems

Application

  • Visicommedia Aceftp 3.80.3


References

XF - aceftp-list-directory-traversal(43400)

VUPEN - ADV-2008-1954

BID - 29989

MISC - http://vuln.sg/aceftp3803-en.html

SECUNIA - 30792


Last Updated: 27 May 2016 10:48:44