CVEブラウザに戻る

CVE-2003-1299

MEDIUM

4.0

CVSS Severity Score

EPSS Score0.0710%

EPSS Percentile12.24th

Published2003年12月31日

Last Modified2026年4月16日

Vulnerability Description

Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.

Affected Platforms (CPE)

📦

Pablo Software Solutions

Baby Ftp Server

= 1.2

References & Advisories

🔗 http://packetstormsecurity.org/0305-exploits/baby.txt

🔗 http://www.osvdb.org/24538

🔗 http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html

🔗 http://www.securityfocus.com/bid/7749

🔗 http://packetstormsecurity.org/0305-exploits/baby.txt

🔗 http://www.osvdb.org/24538

🔗 http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html

🔗 http://www.securityfocus.com/bid/7749

関連する脆弱性情報

CVE-2002-220910.0

Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.

CVE-2003-13005.0

Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of servi...

CVE-2006-13834.0

Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of fi...

CVE-2003-019610.0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service...