EFTP Multiple Command Traversal Arbitrary Directory Listing

Medium Nessus Plugin ID 10933


The remote FTP server is affected by an information disclosure vulnerability.


The version of EFTP installed on the remote host can be used to determine whether a given file exists on the remote host by prefixing the file's path with dot-dot-slash sequences.

For instance, it is possible to determine the presence of '\autoexec.bat' by using the SIZE or MDTM command with the argument '../../../../autoexec.bat'.

An attacker may leverage this flaw to gain more knowledge about this host, such as its file layout. This flaw is especially useful in combination with other vulnerabilities.


Upgrade to version 3.2 or higher, as it has been reported to fix this vulnerability.


Plugin Details

Severity: Medium

ID: 10933

File Name: eftp_directory_traversal.nasl

Version: $Revision: 1.33 $

Type: remote

Family: FTP

Published: 2002/03/29

Modified: 2016/10/10

Dependencies: 10092, 10079

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

Required KB Items: ftp/login, Settings/ThoroughTests

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2001/09/12

Reference Information

CVE: CVE-2001-1109

BID: 3333

OSVDB: 766