Directory Traversal Vulnerability in Xlight FTP Server by Xlight Software
CVE-2010-2695

Currently unrated

Key Information:

Vendor

Xlightftpd

Status
Xlight Ftp Server
Vendor
CVE Published:
12 July 2010

What is CVE-2010-2695?

A directory traversal vulnerability exists in the SFTP/SSH2 virtual server of Xlight FTP Server, allowing remote authenticated users to manipulate files in arbitrary directories. By using '..' (dot dot) sequences in commands such as ls, rm, and rename, an attacker could exploit this flaw to read, overwrite, or delete sensitive files on the server, leading to potential data loss or unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/512192/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.xlightftpd.com/whatsnew.htm
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/60151
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.