← Zuruck zu CVEs
CVE-2008-5275
N/ABeschreibung
Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht11/28/2008
Zuletzt geandert4/23/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
net2ftp:net2ftp
Schwachen (CWE)
CWE-22
Referenzen
http://secunia.com/advisories/30611(cve@mitre.org)
http://vuln.sg/net2ftp096-en.html(cve@mitre.org)
http://www.securityfocus.com/bid/29664(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42994(cve@mitre.org)
http://secunia.com/advisories/30611(af854a3a-2127-422b-91ae-364da2661108)
http://vuln.sg/net2ftp096-en.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/29664(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42994(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.