CVE Vulnerabilities

CVE-2004-2488

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via C: sequences in the (1) RETR (get), (2) NLST (ls), (3) LIST (ls), (4) RNFR, or (5) RNTO FTP commands.

Affected Software

Name Vendor Start Version End Version
Nexgen_ftp_server Nexgen 1.0 1.0
Nexgen_ftp_server Nexgen 2.0 2.0
Nexgen_ftp_server Nexgen 2.1 2.1
Nexgen_ftp_server Nexgen 2.2 2.2

References