Test Kennung:	1.3.6.1.4.1.25623.1.0.10471
Kategorie:	FTP
Titel:	Guild FTPd tells if a given file exists
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote FTP server can be used to determine if a given file exists on the remote host or not, by adding dot-dot-slashes in front of them. For instance, it is possible to determine the presence of \autoexec.bat by requesting ../../../../autoexec.bat An attacker may use this flaw to gain more knowledge about this host, such as its file layout. This flaw is specially useful when used with other vulnerabilities. Solution : Contact your vendor for the latest software release. Risk factor : Low
Querverweis:	BugTraq ID: 1452 Common Vulnerability Exposure (CVE) ID: CVE-2000-0640 http://www.securityfocus.com/bid/1452 Bugtraq: 20000708 gnu-pop3d (FTGate problem), Savant Webserver, Guild FTPd (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.html http://www.osvdb.org/573 XForce ISS Database: guild-ftpd-disclosure(4922) https://exchange.xforce.ibmcloud.com/vulnerabilities/4922
Copyright	This script is Copyright (C) 2000 Renaud Deraison

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.