Detections
Analytics

TYPSoft FTP Server LIST Command Traversal Arbitrary Directory Listing

medium Nessus Plugin ID 14706

Language:

Synopsis

The FTP server is affected by a directory traversal Vulnerability.

Description

Using 'cd ...', it is possible to move from the FTP server root directory and access any file on the remote machine.

Solution

Contact your vendor for a fix.

If you are using TYPSoft FTP Server, update to 0.99.13 or later.

Plugin Details

Severity: Medium

ID: 14706

File Name: typsoftftp_dir_traversal.nasl

Version: 1.22

Type: remote

Family: FTP

Published: 9/13/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Information

Required KB Items: ftp/login

Exploit Ease: No exploit is required

Vulnerability Publication Date: 4/7/2002

Reference Information

CVE: CVE-2002-0558

BID: 2489