CVE-2000-0587 | Vulnerability Database | Aqua Security

The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.

Affected Software

Name	Vendor	Start Version	End Version
Glftpd	Glftpd	1.18 (including)	1.18 (including)
Glftpd	Glftpd	1.19 (including)	1.19 (including)
Glftpd	Glftpd	1.20 (including)	1.20 (including)
Glftpd	Glftpd	1.21b1 (including)	1.21b1 (including)
Glftpd	Glftpd	1.21b2 (including)	1.21b2 (including)
Glftpd	Glftpd	1.21b3 (including)	1.21b3 (including)
Glftpd	Glftpd	1.21b4 (including)	1.21b4 (including)
Glftpd	Glftpd	1.21b5 (including)	1.21b5 (including)
Glftpd	Glftpd	1.21b6 (including)	1.21b6 (including)
Glftpd	Glftpd	1.21b7 (including)	1.21b7 (including)
Glftpd	Glftpd	1.21b8 (including)	1.21b8 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2000-06/0317.html
http://www.securityfocus.com/bid/1401
http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006261041360.31907-200000%40twix.thrijswijk.nl

NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0587
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html