Home FTP Server Multiple Vulnerabilities

Medium Nessus Plugin ID 19501


The remote FTP server is affected by various information disclosure issues.


The remote host appears to be running Home Ftp Server, an FTP server application for Windows.

The installed version of Home Ftp Server by default lets authenticated users retrieve configuration files (which contain, for example, the names and passwords of users defined to the application) as well as arbitrary files on the remote system.


Unknown at this time.

See Also



Plugin Details

Severity: Medium

ID: 19501

File Name: home_ftp_dir_traversal.nasl

Version: $Revision: 1.23 $

Type: remote

Family: FTP

Published: 2005/08/25

Modified: 2016/10/10

Dependencies: 10084, 10092

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Required KB Items: ftp/login, ftp/password

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 2005/08/24

Reference Information

CVE: CVE-2005-2726, CVE-2005-2727

BID: 14653

OSVDB: 18968, 18969