Directory Traversal Vulnerability in Pablo FTP Server by Pablo Software Solutions
CVE-2002-1054

Currently unrated

Key Information:

Vendor: Pablo Software Solutions
Status: Pablo Ftp Server
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-1054?

The Pablo FTP Server, specifically versions 1.0 build 9 and earlier, contains a directory traversal vulnerability that can potentially be exploited by remote authenticated users. By crafting specific LIST commands that include the '..' (dot-dot backslash) sequence, an attacker can gain unauthorized access to arbitrary directories, compromising the integrity and confidentiality of the data stored on the server. This vulnerability underscores the critical need for proper input validation and access control measures in FTP servers.

References

http://www.securityfocus.com/bid/5283

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/...

mailing-listx_refsource_VULNWATCH

http://www.osvdb.org/4995

vdb-entryx_refsource_OSVDB

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 30, 2002