Vulnerabilities > CVE-2005-1484 - Directory Traversal vulnerability in Golden FTP Server Pro

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

kmint21-software

nessus

NVD

Published: 2005-05-11

Updated: 2017-07-11

Summary

Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command.

Vulnerable Configurations

Part	Description	Count
Application	Kmint21_Software Kmint21 Software Golden FTP Server 1.00B Kmint21 Software Golden FTP Server 1.20B Kmint21 Software Golden FTP Server 1.30B Kmint21 Software Golden FTP Server 1.31B Kmint21 Software Golden FTP Server 1.92 Kmint21 Software Golden FTP Server 2.0.2B Kmint21 Software Golden FTP Server 2.0.5B Kmint21 Software Golden FTP Server 2.10 Kmint21 Software Golden FTP Server 2.16 Kmint21 Software Golden FTP Server 2.52	10

Nessus

NASL family	FTP
NASL id	GOLDEN_FTP_SERVER_TRAVERSAL.NASL
description	The version of Golden FTP Server installed on the remote host is prone to a directory traversal attack. Specifically, an attacker can read files located outside a share with
last seen	2020-06-01
modified	2020-06-02
plugin id	18194
published	2005-05-04
reporter	This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/18194
title	Golden FTP Server Pro GET Traversal Arbitrary File Access

Summary

Vulnerable Configurations

Nessus

References