CVE-2008-2399 - Vulnerability Details - OpenCVE

Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fireftp	Fireftp
Mozilla	Firefox

Configuration 1 [-]

OR	cpe:2.3:a:fireftp:fireftp::::::::
	cpe:2.3:a:mozilla:firefox::::::::

No data.

References

Link	Providers
http://secunia.com/advisories/30284
http://vuln.sg/fireftp0971-en.html
http://www.kb.cert.org/vuls/id/906907
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h
http://www.securityfocus.com/bid/29289
http://www.vupen.com/english/advisories/2008/1596/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42516

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-22T10:00:00

Updated: 2024-08-07T08:58:02.249Z

Reserved: 2008-05-22T00:00:00

Link: CVE-2008-2399

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-05-22T13:09:00.000

Modified: 2024-11-21T00:46:47.833

Link: CVE-2008-2399

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-1596", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1596/references"}, {"name": "fireftp-mlsd-list-directory-traversal(42516)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42516"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h"}, {"name": "29289", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29289"}, {"name": "30284", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30284"}, {"tags": ["x_refsource_MISC"], "url": "http://vuln.sg/fireftp0971-en.html"}, {"name": "VU#906907", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/906907"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2399", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-1596", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1596/references"}, {"name": "fireftp-mlsd-list-directory-traversal(42516)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42516"}, {"name": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58;r2=1.59;f=h", "refsource": "CONFIRM", "url": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58;r2=1.59;f=h"}, {"name": "29289", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29289"}, {"name": "30284", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30284"}, {"name": "http://vuln.sg/fireftp0971-en.html", "refsource": "MISC", "url": "http://vuln.sg/fireftp0971-en.html"}, {"name": "VU#906907", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/906907"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.249Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-1596", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1596/references"}, {"name": "fireftp-mlsd-list-directory-traversal(42516)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42516"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h"}, {"name": "29289", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29289"}, {"name": "30284", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30284"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://vuln.sg/fireftp0971-en.html"}, {"name": "VU#906907", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/906907"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2399", "datePublished": "2008-05-22T10:00:00", "dateReserved": "2008-05-22T00:00:00", "dateUpdated": "2024-08-07T08:58:02.249Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fireftp:fireftp:*:*:*:*:*:*:*:*", "matchCriteriaId": "1648A444-E0E1-42E0-9ACD-375D1BE9CA62", "versionEndIncluding": "0.98", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "14E6A30E-7577-4569-9309-53A0AF7FE3AC", "vulnerable": false}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el add-on FireFTP anterior a 0.98.20080518 para Firefox, permite a los servidores FTP remotos crear o sobreescribir ficheros de su eleccci\u00f3n a trav\u00e9s de secuencias \"..\\\" (punto punto barra invertida) en respuesta a los comandos (1)MLSD y (2) LIST. Cuesti\u00f3n relativa al CVE-2002-2345. NOTA: esto puede aprovecharse para la ejecuci\u00f3n de c\u00f3digo mediante la escritura en la carpeta de inicio."}], "id": "CVE-2008-2399", "lastModified": "2024-11-21T00:46:47.833", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-05-22T13:09:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30284"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://vuln.sg/fireftp0971-en.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/906907"}, {"source": "cve@mitre.org", "url": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29289"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1596/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42516"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30284"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://vuln.sg/fireftp0971-en.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/906907"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.58%3Br2=1.59%3Bf=h"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29289"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1596/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42516"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}