FTP 'CWD ~root' Command Privilege Escalation

Critical Nessus Plugin ID 10083


The remote FTP server is affected by a command privilege escalation vulnerability.


The remote FTP server is affected by a flaw that may allow a remote attacker to gain unauthorized privileges. An attacker can exploit this flaw by sending a specially crafted 'CWD ~root' command.


Disallow FTP login for root, and make sure root's home directory is not world-readable.


Plugin Details

Severity: Critical

ID: 10083

File Name: ftp_cwd_root.nasl

Version: $Revision: 1.35 $

Type: remote

Family: FTP

Published: 1999/06/22

Modified: 2017/02/21

Dependencies: 10088, 10092, 10079

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:ND/RC:ND

Vulnerability Information

CPE: cpe:/a:ftp:ftp, cpe:/a:ftpcd:ftpcd

Required KB Items: ftp/login, Settings/ParanoidReport

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1988/11/01

Reference Information

CVE: CVE-1999-0082