ArGoSoft FTP Server .lnk Shortcut Upload Arbitrary File Manipulation

High Nessus Plugin ID 15623


The remote FTP server is affected by an unauthorized access issue.


The remote host is running ArGoSoft FTP Server.

It is reported that ArGoSoft FTP Server is prone to an attack that allows link upload. An attacker, exploiting this flaw, may be able to have read and write access to any files and directories on the FTP server.


Upgrade to ArGoSoft FTP or later.

Plugin Details

Severity: High

ID: 15623

File Name: argosoft_ftp_shortcut.nasl

Version: $Revision: 1.18 $

Type: remote

Family: FTP

Published: 2004/11/04

Modified: 2011/03/11

Dependencies: 10092

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2004/11/01

Reference Information

CVE: CVE-2004-2672

BID: 11589

OSVDB: 11325