ArGoSoft FTP Server < Multiple .LNK File Handling Vulnerabilities

critical Nessus Plugin ID 16334


The remote FTP server is susceptible to several file access attacks.


The remote host is running the ArGoSoft FTP Server.

It is reported that ArGoSoft FTP Server allows an attacker to upload shortcut (.LNK) files via either a 'SITE UNZIP' or 'SITE COPY' command and gain read and write access to any files and directories on the FTP server.


Upgrade to ArGoSoft FTP or later.

Plugin Details

Severity: Critical

ID: 16334

File Name: argosoft_ftp_shortcut2.nasl

Version: 1.17

Type: remote

Family: FTP

Published: 2/9/2005

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/8/2005

Reference Information

CVE: CVE-2005-0519, CVE-2005-0520

BID: 12487, 12632