CVE-2014-1442 - OpenCVE

Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Coreftp	Core Ftp

Configuration 1 [-]

cpe:2.3:a:coreftp:core_ftp:1.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://coreftp.com/forums/viewtopic.php?t=2985707
http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html
http://seclists.org/fulldisclosure/2014/Feb/39
http://secunia.com/advisories/56850
http://www.osvdb.org/102967

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-05-02T01:00:00

Updated: 2024-08-06T09:42:35.309Z

Reserved: 2014-01-14T00:00:00

Link: CVE-2014-1442

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-05-02T01:59:22.390

Modified: 2014-05-02T15:19:26.310

Link: CVE-2014-1442

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-05-02T00:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html"}, {"name": "102967", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/102967"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://coreftp.com/forums/viewtopic.php?t=2985707"}, {"name": "56850", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56850"}, {"name": "20140205 Core FTP Server Vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Feb/39"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-1442", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html"}, {"name": "102967", "refsource": "OSVDB", "url": "http://www.osvdb.org/102967"}, {"name": "http://coreftp.com/forums/viewtopic.php?t=2985707", "refsource": "CONFIRM", "url": "http://coreftp.com/forums/viewtopic.php?t=2985707"}, {"name": "56850", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56850"}, {"name": "20140205 Core FTP Server Vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Feb/39"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:42:35.309Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html"}, {"name": "102967", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/102967"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://coreftp.com/forums/viewtopic.php?t=2985707"}, {"name": "56850", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56850"}, {"name": "20140205 Core FTP Server Vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2014/Feb/39"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-1442", "datePublished": "2014-05-02T01:00:00", "dateReserved": "2014-01-14T00:00:00", "dateUpdated": "2024-08-06T09:42:35.309Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}