Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5655

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2013-5655
Last Modified 15 May 2014 10:21:41
Published 14 May 2014 03:55:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-5655

Summary

Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. (dot dot) in the default URI.

Vulnerable Systems

Application

  • Xiaowen Huang Yingzhi Python Programming Language 1.9


References

BID - 62074

MLIST - [oss-security] 20130930 Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload

MLIST - [oss-security] 20130929 YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload

OSVDB - 96719


Last Updated: 27 May 2016 11:05:17