Directory Traversal Vulnerability in Baby FTP Server by Pablo Software Solutions
CVE-2003-1299

Currently unrated

Key Information:

Vendor: Pablo Software Solutions
Status: Baby Ftp Server
Vendor: CVE Published:; 31 December 2003

What is CVE-2003-1299?

The Baby FTP Server exhibits a directory traversal vulnerability, allowing remote authenticated users to exploit the CWD (Change Working Directory) command through '...' (triple dot) manipulations. This flaw could enable attackers to list arbitrary directories and potentially access restricted files, posing a significant risk to the confidentiality of the system's data. Users are urged to ensure they are using updated versions of the software to mitigate these security risks.

References

http://www.pablosoftwaresolutions.com/html/baby_ftp_serve...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/7749

vdb-entryx_refsource_BID

http://www.osvdb.org/24538

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Mar 24, 2006
Vulnerability published
Dec 31, 2003