Vulnerabilities > CVE-2004-2309 - Remote Information Disclosure vulnerability in Crob FTP Server 3.5.1

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

crob

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.

Vulnerable Configurations

Part	Description	Count
Application	Crob Crob Crob FTP Server 3.5.1	1

Exploit-Db

description	Crob FTP Server 3.5.1 Remote Information Disclosure Vulnerability. CVE-2004-2309. Remote exploit for windows platform
id	EDB-ID:23632
last seen	2016-02-02
modified	2004-02-02
published	2004-02-02
reporter	Zero X
source	https://www.exploit-db.com/download/23632/
title	Crob FTP Server 3.5.1 - Remote Information Disclosure Vulnerability

References

http://secunia.com/advisories/10778/
http://www.securityfocus.com/archive/1/352329
http://www.securityfocus.com/bid/9546
http://www.securitytracker.com/alerts/2004/Feb/1008908.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15028