Vulnerabilities > CVE-2006-6240 - Directory Traversal vulnerability in Telnet FTP Server Telnet FTP Server 1.0

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

telnet-ftp-server

NVD

Published: 2006-12-03

Updated: 2017-07-29

Summary

Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to list contents of arbitrary directories and download arbitrary files via a .. (dot dot) sequence in an FTP command argument, as demonstrated by RETR (GET) or STOR (PUT). NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Telnet_Ftp_Server Telnet FTP Server Telnet FTP Server 1.0	1

References

http://secunia.com/advisories/22921
http://www.securityfocus.com/bid/21339
http://www.vupen.com/english/advisories/2006/4765
https://exchange.xforce.ibmcloud.com/vulnerabilities/30582