CVE-2010-2695

2010-07-12 19:30:02 2018-10-10 21:59:55

Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE_INSTANCE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Xlightftpd Xlight ftp server 3.5.5 (not an official CPE) Xlightftpd Xlight ftp server 3.5 (not an official CPE)

Xlightftpd - Xlight ftp server

Advisory	Patch	Confirmed	Link
			xlight-sftp-directory-traversal(60151)
			20100705 Xlight FTPd Multiple Directory Traversal in SFT...
			http://www.xlightftpd.com/whatsnew.htm

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)

Related CAPEC 7 Relative Path Traversal (CAPEC-ID 139) Directory Traversal (CAPEC-ID 213) File System Function Injection, Content Based (CAPEC-ID 23) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) Manipulating Input to File System Calls (CAPEC-ID 76) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79)