CVE-2002-1345

Published Dec 23, 2002

Last updated 6 years ago

CVSS info 5.0

Overview

Description: Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4465B8F4-7724-4689-850D-E6D80139CED7"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEF0F37A-78B1-412E-95CD-E71C86FE8191"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B76BBA94-E991-442E-9112-00B75E24D9F4"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46864AF6-9CC9-448D-9B37-71735C0D255D"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F4172CB-B527-4573-8F4C-0F5297377399"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DAE9558-3CA6-4F3C-A45C-458168322E66"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3340DBE8-BFA5-4A2E-8854-FFDBB5190AD8"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01299616-C41D-4FEC-9616-890239760774"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "334A8F5F-9E09-4B72-9CC7-A5CA9DA4D63B"
          },
          {
            "criteria": "cpe:2.3:a:ncftp_software:ncftp:3.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "378852D8-2916-46FF-97B4-1C0D54D1BE53"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References