Directory Traversal Vulnerability in FTP Serv-U by Rhinosoft
CVE-2001-0054

Currently unrated

Key Information:

Vendor

Solarwinds
Status
Serv-u File Server
Vendor
CVE Published:
16 February 2001

What is CVE-2001-0054?

The affected version of FTP Serv-U is susceptible to a directory traversal vulnerability, allowing remote attackers to navigate outside the designated FTP root directory. By manipulating the CD command with specific input patterns such as '/..%20.', unauthorized users can gain access to arbitrary files on the server. This type of attack exploits the way the server processes directory commands, posing a serious risk of data exposure.

References

http://www.osvdb.org/464
vdb-entryx_refsource_OSVDB
http://archives.neohapsis.com/archives/bugtraq/2000-12/00...
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/5639
vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.