CVE-2005-0372 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-0372
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0372

Description: Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.

CVE Status: Candidate

References: REDHAT http://www.redhat.com/support/errata/RHSA-2005-410.html OVAL http://oval.mitre.org/oval/definitions/data/oval717.html MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:050 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200502-27.xml FEDORA http://www.securityfocus.com/advisories/8380 http://www.securityfocus.com/advisories/8379 DEBIAN http://www.debian.org/security/2005/dsa-686 CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000957 BID 12539

Return to the previous page.