CyberSec.Space Logo
CVEブラウザに戻る

CVE-2001-1386

HIGH
7.5
CVSS Severity Score
EPSS Score0.0720%
EPSS Percentile40.60th
Published2001年7月1日
Last Modified2026年4月16日

Vulnerability Description

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.

Affected Platforms (CPE)

📦
Texasimperialsoftware

Wftpd

= 3.00

References & Advisories

🔗 http://www.securityfocus.com/archive/1/194442
🔗 http://www.securityfocus.com/bid/2957
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6760
🔗 http://www.securityfocus.com/archive/1/194442
🔗 http://www.securityfocus.com/bid/2957
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6760

関連する脆弱性情報

CVE-1999-095010.0

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create n...

CVE-2001-029610.0

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.

CVE-2001-06947.5

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD...

CVE-2004-03407.2

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 ...