Vulnerabilities > CVE-2004-2674 - Multiple vulnerability in ArGoSoft FTP Server

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

low complexity

argosoft

NVD

Published: 2004-12-31

Updated: 2017-07-29

Summary

Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument.

Vulnerable Configurations

Part	Description	Count
Application	Argosoft Argosoft FTP Server *	1

References

http://secunia.com/advisories/11002
http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx
http://www.osvdb.org/11333
http://www.securiteam.com/windowsntfocus/5RP010KCAO.html
http://www.securityfocus.com/bid/9770
https://exchange.xforce.ibmcloud.com/vulnerabilities/15411