CVE

CVE-2001-0963

Date: (C)2001-09-20   (M)2023-12-22

Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:

OSVDB-1953

http://archives.neohapsis.com/archives/bugtraq/2001-09/0171.html

BID-3351

http://www.pi-soft.com/spoonftp/index.shtml

spoonftp-dot-directory-traversal(7147)