Overview
Surge FTP Server 2.0a contains a directory traversal vulnerability.
Description
Surge FTP Server 2.0a allows remote users to list files outside the FTP root directory. |
Impact
Attackers may list files from directories to which access was not granted. |
Solution
Upgrade to version 2.0b, available at: |
Vendor Information
219043
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
Thanks to Sentry Research Labs for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
CVE IDs: | CVE-2001-0698 |
Severity Metric: | 1.84 |
Date Public: | 2001-06-19 |
Date First Published: | 2002-03-29 |
Date Last Updated: | 2004-02-23 22:07 UTC |
Document Revision: | 10 |