Vulnerability Description
Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Nt | All versions |
| Glub | Secure Ftp | <= 2.5.15 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30725Vendor Advisory
- http://vuln.sg/glubsecureftp2515-en.htmlExploit
- http://www.securityfocus.com/bid/29741Exploit
- http://www.vupen.com/english/advisories/2008/1852/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43093
- http://secunia.com/advisories/30725Vendor Advisory
- http://vuln.sg/glubsecureftp2515-en.htmlExploit
- http://www.securityfocus.com/bid/29741Exploit
- http://www.vupen.com/english/advisories/2008/1852/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43093
FAQ
What is CVE-2008-2821?
CVE-2008-2821 is a vulnerability with a CVSS score of 9.3 (HIGH). Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a...
How severe is CVE-2008-2821?
CVE-2008-2821 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2821?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Nt, Glub Secure Ftp.