CVE-2001-0263

high

Description

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6330

http://www.securityfocus.com/bid/2537

http://www.atstake.com/research/advisories/2001/a040301-1.txt

Details

Source: Mitre, NVD

Published: 2001-06-18

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.03178