Back to CVE Browser

CVE-2008-2821

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0390%

EPSS Percentile25.29th

PublishedJun 23, 2008

Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.

Affected Platforms (CPE)

📦

Glub

Secure Ftp

<= 2.5.15

References & Advisories

🔗 http://secunia.com/advisories/30725

🔗 http://vuln.sg/glubsecureftp2515-en.html

🔗 http://www.securityfocus.com/bid/29741

🔗 http://www.vupen.com/english/advisories/2008/1852/references

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/43093

🔗 http://secunia.com/advisories/30725

🔗 http://vuln.sg/glubsecureftp2515-en.html

🔗 http://www.securityfocus.com/bid/29741

Related Vulnerabilities

CVE-2008-254110.0

Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remo...

CVE-2002-220910.0

Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.

CVE-2005-141510.0

Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP ...

CVE-2007-18799.3

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ...