English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72151 CVE descriptions
and 38907 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.801398
Category:FTP
Title:AutoFTP Manager FTP Client Directory Traversal Vulnerability
Summary:Check for the version of AutoFTP Manager FTP Client
Description:
Overview: This host is installed with AutoFTP Manager FTP Client and is prone
to directory traversal vulnerability.

Vulnerability Insight:
The flaw exists due to error in handling of certain crafted file names.
It does not properly sanitise filenames containing directory traversal
sequences that are received from an FTP server.

Impact:
Successful exploitation will allow attackers to write files into a user's
Startup folder to execute malicious code when the user logs on.

Impact Level: Application.

Affected Software:
AutoFTP Manager FTP Client 4.31(4.3.1.0) and prior.

Fix: Upgrade AutoFTP Manager FTP Client to recent versions,
For updates refer to http://www.deskshare.com/download.aspx

References:
http://en.securitylab.ru/nvd/396970.php
http://www.htbridge.ch/advisory/directory_traversal_in_autoftp_manager.html
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3104
http://www.htbridge.ch/advisory/directory_traversal_in_autoftp_manager.html
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.