Vulnerabilities > CVE-1999-1345 - Unspecified vulnerability in Auto FTP Auto FTP 0.2

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

auto-ftp

NVD

Published: 1999-10-05

Updated: 2016-10-18

Summary

Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.

Vulnerable Configurations

Part	Description	Count
Application	Auto_Ftp Auto FTP Auto FTP 0.2	1

References

http://marc.info/?l=bugtraq&m=93923873006014&w=2