CyberSec.Space Logo
Back to CVE Browser

CVE-2001-1386

HIGH
7.5
CVSS Severity Score
EPSS Score0.0720%
EPSS Percentile40.60th
PublishedJul 1, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.

Affected Platforms (CPE)

πŸ“¦
Texasimperialsoftware

Wftpd

= 3.00

References & Advisories

πŸ”— http://www.securityfocus.com/archive/1/194442
πŸ”— http://www.securityfocus.com/bid/2957
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6760
πŸ”— http://www.securityfocus.com/archive/1/194442
πŸ”— http://www.securityfocus.com/bid/2957
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6760

Related Vulnerabilities

CVE-1999-095010.0

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create n...

CVE-2001-029610.0

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.

CVE-2001-06947.5

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD...

CVE-2004-03407.2

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 ...