Vulnerabilities > CVE-2001-0283 - Directory Traversal vulnerability in SUN FTP Build9

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

sun

nessus

exploit available

NVD

Published: 2001-05-03

Updated: 2008-09-05

Summary

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN SUN FTP Build_9	1

Exploit-Db

description	SunFTP 1.0 Build 9 Unauthorized File Access Vulnerability. CVE-2001-0283. Remote exploit for windows platform
id	EDB-ID:20653
last seen	2016-02-02
modified	2001-03-02
published	2001-03-02
reporter	se00020
source	https://www.exploit-db.com/download/20653/
title	SunFTP 1.0 Build 9 Unauthorized File Access Vulnerability

Nessus

NASL family	FTP
NASL id	SUNFTPD_TRAVERSAL.NASL
description	Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
last seen	2020-06-01
modified	2020-06-02
plugin id	11374
published	2003-03-13
reporter	This script is Copyright (C) 2003-2018 Xue Yong Zhi
source	https://www.tenable.com/plugins/nessus/11374
title	SunFTP Multiple Command Traversal Arbitrary File Creation/Deletion

References

http://archives.neohapsis.com/archives/bugtraq/2001-02/0523.html