SunFTP Directory Traversal Network Vulnerability

Summary

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.

Solution

Switching to another FTP server, SunFTP is discontinued.

Severity

Classification

CVE CVE-2001-0283

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N

Related Vulnerabilities

TYPSoft FTP Server 'ABORT' Command Remote Denial of Service Vulnerability
Wing FTP Server Denial of Service Vulnerability and Information Disclosure Vulnerability
Home FTP Server Multiple Directory Traversal Vulnerabilities
Blackmoon FTP PORT Command Denial Of Service Vulnerability
wu-ftpd rnfr file overwrite

SunFTP directory traversal

Take action and discover your vulnerabilities