Robo-FTP Directory Traversal Vulnerability Network Vulnerability

Summary

This host is installed with Robo-FTP and is prone to directory traversal vulnerability.

Impact

Successful exploitation will allow attacker to download or upload arbitrary files. This may aid in further attacks. Impact Level: Application

Solution

Upgrade to Robo-FTP version 3.7.5 or later, For updates refer to http://www.robo-ftp.com/download/

Insight

This flaw is due to an input validation error when downloading directories containing files with directory traversal specifiers in the filename. This can be exploited to download files to an arbitrary location on a user's system.

Affected

Robo-FTP versions prior to 3.7.5.

References

http://secunia.com/advisories/41809
http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_robo_ftp.html
http://xforce.iss.net/xforce/xfdb/62548

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4095

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - Mac OS X
Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
7T Interactive Graphical SCADA System Multiple Security Vulnerabilities

Take action and discover your vulnerabilities