Test Kennung:	1.3.6.1.4.1.25623.1.0.800533
Kategorie:	FTP
Titel:	FFFTP LIST Command Directory Traversal Vulnerability
Zusammenfassung:	FFFTP Client is prone to a directory traversal vulnerability.
Beschreibung:	Summary: FFFTP Client is prone to a directory traversal vulnerability. Vulnerability Insight: The flaw is due to input validation error when processing FTP responses to a LIST command with a filename and is followed by ../ (dot dot forward-slash). Vulnerability Impact: Successful exploitation will allow remote attackers to create or overwrite arbitrary files on a vulnerable system by tricking a user into downloading a directory containing files. Affected Software/OS: FFFTP version 1.96b and prior on Windows. Solution: Upgrade to version 1.96d or later. CVSS Score: 8.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-6424 BugTraq ID: 29459 http://www.securityfocus.com/bid/29459 http://vuln.sg/FFFTP196b-en.html http://osvdb.org/45894 http://secunia.com/advisories/30428 http://www.vupen.com/english/advisories/2008/1708/references XForce ISS Database: ffftp-list-directory-traversal(42796) https://exchange.xforce.ibmcloud.com/vulnerabilities/42796
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.