Directory Traversal Vulnerability in Baby FTP Server by BabyFTP
CVE-2006-1383

Currently unrated

Key Information:

Vendor: Pablo Software Solutions
Status: Baby Ftp Server
Vendor: CVE Published:; 24 March 2006

What is CVE-2006-1383?

The vulnerability in Baby FTP Server (BabyFTP) version 1.24 enables remote authenticated users to exploit directory traversal flaws. It allows attackers to ascertain the existence of files located outside the designated document root by making specific requests that trigger different error responses based on whether a file is present. This can potentially lead to unauthorized access to sensitive files and data disclosure, raising serious security concerns.

References

http://www.securityfocus.com/bid/17205

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/25413

vdb-entryx_refsource_XF

http://secunia.com/advisories/19338

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Mar 24, 2006
Vulnerability Reserved
Mar 24, 2006

Pablo Software Solutions

What is CVE-2006-1383?

References

Timeline