CVE-2000-1101
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/01/2001
Last modified:
20/11/2024
Description
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:texas_imperial_software:wftpd:2.41_rc14:*:*:*:*:*:*:* | ||
| cpe:2.3:a:texas_imperial_software:wftpd:2.41_rc14:*:pro:*:*:*:*:* | ||
| cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:pro:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
- http://www.iss.net/security_center/static/5608.php
- http://www.securityfocus.com/bid/2005
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
- http://www.iss.net/security_center/static/5608.php
- http://www.securityfocus.com/bid/2005