Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-07-12T17:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2010-07-12T00:00:00
Link: CVE-2010-2695
JSON object: View
NVD Information
Status : Modified
Published: 2010-07-12T17:30:02.767
Modified: 2018-10-10T19:59:55.683
Link: CVE-2010-2695
JSON object: View
Redhat Information
No data.
CWE