CVE-2005-0372
EPSS 4.1%gftp - missing input sanitising
發布日:2005/5/2修改日:2026/4/28
也稱為:DEBIAN-CVE-2005-0372
描述
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
受影響套件(2)
- Debian/gftpfrom 0, < 2.0.18-1
- Debian/gftpfrom 0, < 2.0.11-1woody1