CVE-2008-7262

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a pathname to a (1) CWD, (2) DELE, (3) STOR, or (4) RETR command.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:g.rodola:pyftpdlib:*:*:*:*:*:*:*:*
cpe:2.3:a:g.rodola:pyftpdlib:0.1:*:*:*:*:*:*:*
cpe:2.3:a:g.rodola:pyftpdlib:0.1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-10-19 20:00

Updated : 2024-02-04 17:54


NVD link : CVE-2008-7262

Mitre link : CVE-2008-7262

CVE.ORG link : CVE-2008-7262


JSON object : View

Products Affected

g.rodola

  • pyftpdlib
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')