Remote Path Disclosure in Novell iChain Mini FTP Server
CVE-2005-0746

Currently unrated

Key Information:

Vendor: Novell
Status: Ichain
Vendor: CVE Published:; 2 May 2005

Summary

The Mini FTP Server in Novell iChain versions 2.2 and 2.3 SP2 and earlier is susceptible to a remote path disclosure vulnerability. This issue allows unauthenticated attackers to execute the PWD command, thereby revealing the full path of the FTP server. Exploiting this vulnerability can assist attackers in navigating the system structure and facilitate further attacks.

References

http://marc.info/?l=bugtraq&m=111091102023359&w=2

mailing-listx_refsource_BUGTRAQ

http://www.infobyte.com.ar/adv/ISR-03.html

x_refsource_MISC

http://securitytracker.com/id?1013407

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Mar 13, 2005