CyberSec.Space Logo
Back to CVE Browser

CVE-2003-1299

MEDIUM
4.0
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile12.24th
PublishedDec 31, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.

Affected Platforms (CPE)

πŸ“¦
Pablo Software Solutions

Baby Ftp Server

= 1.2

References & Advisories

πŸ”— http://packetstormsecurity.org/0305-exploits/baby.txt
πŸ”— http://www.osvdb.org/24538
πŸ”— http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html
πŸ”— http://www.securityfocus.com/bid/7749
πŸ”— http://packetstormsecurity.org/0305-exploits/baby.txt
πŸ”— http://www.osvdb.org/24538
πŸ”— http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html
πŸ”— http://www.securityfocus.com/bid/7749

Related Vulnerabilities

CVE-2002-220910.0

Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.

CVE-2003-13005.0

Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of servi...

CVE-2006-13834.0

Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of fi...

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.