Vulnerability Description
Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Typsoft | Typsoft Ftp Server | 0.85 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0090.htmlVendor Advisory
- http://www.iss.net/security_center/static/6165.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/2489PatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0090.htmlVendor Advisory
- http://www.iss.net/security_center/static/6165.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/2489PatchVendor Advisory
FAQ
What is CVE-2002-0558?
CVE-2002-0558 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending ...
How severe is CVE-2002-0558?
CVE-2002-0558 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0558?
Check the references section above for vendor advisories and patch information. Affected products include: Typsoft Typsoft Ftp Server.