Vulnerabilites related to ncftp_software - ncftp
Vulnerability from fkie_nvd
Published
2004-04-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ncftp_software | ncftp | 3.0.0 | |
| ncftp_software | ncftp | 3.0.1 | |
| ncftp_software | ncftp | 3.0.2 | |
| ncftp_software | ncftp | 3.0.3 | |
| ncftp_software | ncftp | 3.0.4 | |
| ncftp_software | ncftp | 3.1.0 | |
| ncftp_software | ncftp | 3.1.1 | |
| ncftp_software | ncftp | 3.1.2 | |
| ncftp_software | ncftp | 3.1.3 | |
| ncftp_software | ncftp | 3.1.4 | |
| ncftp_software | ncftp | 3.1.5 | |
| ncftp_software | ncftp | 3.1.6 | |
| ncftp_software | ncftp | 3.1.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4465B8F4-7724-4689-850D-E6D80139CED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF0F37A-78B1-412E-95CD-E71C86FE8191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B76BBA94-E991-442E-9112-00B75E24D9F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46864AF6-9CC9-448D-9B37-71735C0D255D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4172CB-B527-4573-8F4C-0F5297377399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DAE9558-3CA6-4F3C-A45C-458168322E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3340DBE8-BFA5-4A2E-8854-FFDBB5190AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01299616-C41D-4FEC-9616-890239760774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "334A8F5F-9E09-4B72-9CC7-A5CA9DA4D63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "378852D8-2916-46FF-97B4-1C0D54D1BE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4B531753-DA42-45D8-9EA0-57F30C3AE3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EA354C98-88C9-4235-B5E6-E5B11208F0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4B852FE5-8706-4404-8EA5-65B0EF127745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via \"ps aux,\" which displays the URL in the process list."
}
],
"id": "CVE-2004-1948",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-04-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108247943201685\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11438"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5595"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10182"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108247943201685\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15919"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ncftp_software | ncftp | 3.0.0 | |
| ncftp_software | ncftp | 3.0.1 | |
| ncftp_software | ncftp | 3.0.2 | |
| ncftp_software | ncftp | 3.0.3 | |
| ncftp_software | ncftp | 3.0.4 | |
| ncftp_software | ncftp | 3.1.0 | |
| ncftp_software | ncftp | 3.1.1 | |
| ncftp_software | ncftp | 3.1.2 | |
| ncftp_software | ncftp | 3.1.3 | |
| ncftp_software | ncftp | 3.1.4 | |
| openbsd | openbsd | 3.0 | |
| sun | solaris | 2.6 | |
| sun | solaris | 7.0 | |
| sun | sunos | - | |
| sun | sunos | 5.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4465B8F4-7724-4689-850D-E6D80139CED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF0F37A-78B1-412E-95CD-E71C86FE8191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B76BBA94-E991-442E-9112-00B75E24D9F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46864AF6-9CC9-448D-9B37-71735C0D255D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4172CB-B527-4573-8F4C-0F5297377399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DAE9558-3CA6-4F3C-A45C-458168322E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3340DBE8-BFA5-4A2E-8854-FFDBB5190AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01299616-C41D-4FEC-9616-890239760774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "334A8F5F-9E09-4B72-9CC7-A5CA9DA4D63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "378852D8-2916-46FF-97B4-1C0D54D1BE53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences."
}
],
"id": "CVE-2002-1345",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103962838628940\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10821.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/210409"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103962838628940\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10821.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/210409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2004-1948 (GCVE-0-2004-1948)
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:49.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10182"
},
{
"name": "11438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11438"
},
{
"name": "20040419 NcFTP - password leaking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108247943201685\u0026w=2"
},
{
"name": "5595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5595"
},
{
"name": "ncftp-info-disclosure(15919)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15919"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via \"ps aux,\" which displays the URL in the process list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10182"
},
{
"name": "11438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11438"
},
{
"name": "20040419 NcFTP - password leaking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108247943201685\u0026w=2"
},
{
"name": "5595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5595"
},
{
"name": "ncftp-info-disclosure(15919)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15919"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via \"ps aux,\" which displays the URL in the process list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10182"
},
{
"name": "11438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11438"
},
{
"name": "20040419 NcFTP - password leaking",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108247943201685\u0026w=2"
},
{
"name": "5595",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5595"
},
{
"name": "ncftp-info-disclosure(15919)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15919"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1948",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:49.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1345 (GCVE-0-2002-1345)
Vulnerability from cvelistv5
Published
2002-12-17 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6360",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6360"
},
{
"name": "VU#210409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/210409"
},
{
"name": "20021211 Directory Traversal Vulnerabilities in FTP Clients",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103962838628940\u0026w=2"
},
{
"name": "20021205-01-A",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A"
},
{
"name": "20021210 Directory Traversal Vulnerabilities in FTP Clients",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html"
},
{
"name": "ftp-client-filename-traversal(10821)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10821.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6360",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6360"
},
{
"name": "VU#210409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/210409"
},
{
"name": "20021211 Directory Traversal Vulnerabilities in FTP Clients",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103962838628940\u0026w=2"
},
{
"name": "20021205-01-A",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A"
},
{
"name": "20021210 Directory Traversal Vulnerabilities in FTP Clients",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html"
},
{
"name": "ftp-client-filename-traversal(10821)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10821.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6360"
},
{
"name": "VU#210409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/210409"
},
{
"name": "20021211 Directory Traversal Vulnerabilities in FTP Clients",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103962838628940\u0026w=2"
},
{
"name": "20021205-01-A",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A"
},
{
"name": "20021210 Directory Traversal Vulnerabilities in FTP Clients",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html"
},
{
"name": "ftp-client-filename-traversal(10821)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10821.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1345",
"datePublished": "2002-12-17T05:00:00",
"dateReserved": "2002-12-09T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}