|
Family: FTP --> Category: infos
glFTPD ZIP Plugins Multiple Directory Traversal Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks the banner of the remote glFTPD server
Detailed Explanation for this Vulnerability Test
The remote glFTPD server is vulnerable to various directory traversal
vulnerabilities when handling .ZIP files.
The tests 'sitenfo.sh', 'sitezipchk.sh' and 'siteziplist.sh' are vulnerable
to a directory traversal vulnerability which may allow a possible hacker to force
the remote server to disclose arbitrary files by sending a specially
crafted request to the remote host.
Solution : Upgrade to glFTPd 2.0.0 RC8 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|