CVEブラウザに戻る

CVE-2008-2821

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0390%

EPSS Percentile25.29th

Published2008年6月23日

Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.

Affected Platforms (CPE)

📦

Glub

Secure Ftp

<= 2.5.15

References & Advisories

🔗 http://secunia.com/advisories/30725

🔗 http://vuln.sg/glubsecureftp2515-en.html

🔗 http://www.securityfocus.com/bid/29741

🔗 http://www.vupen.com/english/advisories/2008/1852/references

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/43093

🔗 http://secunia.com/advisories/30725

🔗 http://vuln.sg/glubsecureftp2515-en.html

🔗 http://www.securityfocus.com/bid/29741

関連する脆弱性情報

CVE-2008-254110.0

Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remo...

CVE-2002-220910.0

Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.

CVE-2005-141510.0

Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP ...

CVE-2007-18799.3

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ...