Lucene search

[email protected]CVE-2001-0765

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0765

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0765

bisonftp

bdl files

local user access

directory link

vulnerability

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.

Affected configurations

NVD

Node

bisonwarebison_ftp_serverMatchv4r1

CPENameOperatorVersion
bisonware:bison_ftp_serverbisonware bison ftp servereqv4r1

CPE	Name	Operator	Version
bisonware:bison_ftp_server	bisonware bison ftp server	eq	v4r1

References

archives.neohapsis.com/archives/bugtraq/2001-07/0025.html

www.bisonftp.com/ServRev.htm

www.osvdb.org/1888

www.securityfocus.com/bid/2963

exchange.xforce.ibmcloud.com/vulnerabilities/6782

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0765

cvelist1 nvd1