Vulnerability CVE-2006-5950


Published: 2006-11-16   Modified: 2012-02-12

Description:
Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details are obtained from third party sources.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Altools -> Alftp ftp server 

 References:
http://xforce.iss.net/xforce/xfdb/30281
http://www.vupen.com/english/advisories/2006/4518
http://www.securityfocus.com/bid/21058
http://secunia.com/advisories/22874

Copyright 2022, cxsecurity.com

 

Back to Top