Vulnerabilities > CVE-2001-1335 - Unspecified vulnerability in Aclogic Cesarftp 0.98B
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | ACLogic CesarFTP 0.98 b Directory Traversal Vulnerability. CVE-2001-1335. Remote exploit for windows platform |
| id | EDB-ID:20884 |
| last seen | 2016-02-02 |
| modified | 2001-05-27 |
| published | 2001-05-27 |
| reporter | byterage |
| source | https://www.exploit-db.com/download/20884/ |
| title | ACLogic CesarFTP 0.98b - Directory Traversal Vulnerability |
Nessus
NASL family FTP NASL id CESARFTP_OVERFLOWS.NASL description The remote host is running CesarFTP, an FTP server for Windows systems. There are multiple flaws in this version of CesarFTP that could allow an attacker to execute arbitrary code on this host, or simply to disable this server remotely. last seen 2020-06-01 modified 2020-06-02 plugin id 11755 published 2003-06-18 reporter This script is Copyright (C) 2003-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/11755 title CesarFTP Multiple Vulnerabilities (OF, File Access, more) NASL family FTP NASL id FTP_TRAVERSAL.NASL description The remote FTP server allows users to browse the entire remote disk by issuing commands with traversal style characters. An attacker could exploit this flaw to gain access to arbitrary files. last seen 2020-06-01 modified 2020-06-02 plugin id 11112 published 2002-08-27 reporter This script is Copyright (C) 2002-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/11112 title FTP Server Traversal Arbitrary File Access
References
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html
- http://www.iss.net/security_center/static/6606.php
- http://www.iss.net/security_center/static/6606.php
- http://www.securityfocus.com/bid/2786
- http://www.securityfocus.com/bid/2786