CVE-2004-2309 : Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to

Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.

Published 2004-12-31 05:00:00

Updated 2017-07-11 01:31:47

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2004-2309

Crob » Crob Ftp Server » Version: 3.5.1
cpe:2.3:a:crob:crob_ftp_server:3.5.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2004-2309

EPSS FAQ

0.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 40 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-2309

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2004-2309

Jump to

Vulnerability Details : CVE-2004-2309

Products affected by CVE-2004-2309

Exploit prediction scoring system (EPSS) score for CVE-2004-2309

CVSS scores for CVE-2004-2309

References for CVE-2004-2309