Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
Max CVSS
5.0
EPSS Score
0.13%
Published
2002-12-23
Updated
2018-10-30
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
Max CVSS
7.2
EPSS Score
0.06%
Published
2002-12-23
Updated
2018-10-30
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Max CVSS
5.0
EPSS Score
0.43%
Published
2002-10-28
Updated
2018-10-30
3 vulnerabilities found