EFTP Installation Directory Disclosure Network Vulnerability

Summary

The remote FTP server can be used to determine the installation directory by sending a request on an unexisting file. An attacker may use this flaw to gain more knowledge about this host, such as its filesystem layout.

Solution

update your FTP server

Severity

Classification

CVE CVE-2001-1109

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Golden FTP Server Malformed Message Denial Of Service Vulnerability
Quick 'n Easy FTP Login Denial of Service Vulnerability
Null FTP Server SITE Command Execution Vulnerability
WS FTP overflows
War FTP Daemon 'USER' and 'PASS' Remote Format String Vulnerability

EFTP installation directory disclosure

Take action and discover your vulnerabilities