TYPSoft FTP Server LIST Command Traversal Arbitrary Directory Listing

Medium Nessus Plugin ID 14706


The FTP server is affected by a directory traversal Vulnerability.


Using 'cd ...', it is possible to move from the FTP server root directory and access any file on the remote machine.


Contact your vendor for a fix.

If you are using TYPSoft FTP Server, update to 0.99.13 or later.

Plugin Details

Severity: Medium

ID: 14706

File Name: typsoftftp_dir_traversal.nasl

Version: $Revision: 1.20 $

Type: remote

Family: FTP

Published: 2004/09/13

Modified: 2014/12/26

Dependencies: 10079, 10092

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: ftp/login

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2002/04/07

Reference Information

CVE: CVE-2002-0558

BID: 2489

OSVDB: 6798