Lucene search

[email protected]CVE-2003-1299

HistoryMar 24, 2006 - 11:00 a.m.

CVE-2003-1299

2006-03-2411:00:00

[email protected]

web.nvd.nist.gov

cve-2003-1299

directory traversal

baby ftp server

remote authentication

security vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via “…” (triple dot) manipulations to the CWD command.

Affected configurations

NVD

Node

pablo_software_solutionsbaby_ftp_serverMatch1.2

CPENameOperatorVersion
pablo_software_solutions:baby_ftp_serverpablo software solutions baby ftp servereq1.2

CPE	Name	Operator	Version
pablo_software_solutions:baby_ftp_server	pablo software solutions baby ftp server	eq	1.2

References

packetstormsecurity.org/0305-exploits/baby.txt

www.osvdb.org/24538

www.pablosoftwaresolutions.com/html/baby_ftp_server.html

www.securityfocus.com/bid/7749

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

Related for CVE-2003-1299

nvd1 cvelist1