Vulnerabilities > CVE-2004-1276 - Local Security vulnerability in Iglooftp 0.6.1

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

iglooftp

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.

Vulnerable Configurations

Part	Description	Count
Application	Iglooftp Iglooftp Iglooftp 0.6.1	1

References

http://tigger.uic.edu/~jlongs2/holes/iglooftp.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/18632