CVE-2001-0054

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 16 February 2001

Summary

Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.

References

http://www.osvdb.org/464

vdb-entryx_refsource_OSVDB

http://archives.neohapsis.com/archives/bugtraq/2000-12/00...

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/5639

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 16, 2001
Vulnerability Reserved
Feb 1, 2001