Mac OS X FTP Server Directory Traversal

Medium Nessus Plugin ID 45381


The remote FTP server is affected by a directory traversal vulnerability.


The remote FTP server contains a directory traversal vulnerability that may allow an anonymous user to retrieve files outside the FTP root directory.


Upgrade to Mac OS X Server 10.6.3 or apply Security Update 2010-002.

See Also

Plugin Details

Severity: Medium

ID: 45381

File Name: macosx_ftp_traversal.nasl

Version: $Revision: 1.11 $

Type: remote

Family: FTP

Published: 2010/03/30

Modified: 2015/09/24

Dependencies: 10092, 10079

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: ftp/login

Excluded KB Items: ftp/ncftpd, ftp/msftpd, global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 2010/03/30

Vulnerability Publication Date: 2010/03/29

Reference Information

CVE: CVE-2010-0501

BID: 39020

OSVDB: 63378