CVE-2005-0372

Currently unrated

Key Information:

Vendor: Gnome
Status: Gtk
Vendor: CVE Published:; 2 May 2005

Summary

Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRAKE

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 13, 2005