mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-12-30 07:57:55 +00:00
288 lines
10 KiB
JSON
288 lines
10 KiB
JSON
{
|
|
"id": "CVE-2010-4153",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2010-11-03T20:00:03.873",
|
|
"lastModified": "2024-11-21T01:20:19.353",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a \"..\\\" (dot dot backslash) in a filename."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de salto de directorio en CrossFTP Pro v1.65a y posiblemente versiones previas, permite a servidores FTP remotos crear archivos de su elecci\u00f3n a trav\u00e9s de la secuencia \"..\\\" en el nombre de archivo."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 9.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-22"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.65a",
|
|
"matchCriteriaId": "53120C61-E457-4331-9A43-AE1E8ADCF09B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E084FFA7-7591-4ABC-8CDE-D2FD865C0207"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06BFC7EA-F34E-4CB0-964C-8D728F380B7C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3C564B2E-2A7E-4012-9374-EF4506D498C3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8D7EE7D9-6245-4300-A110-DDC9D7D39675"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ECEB9274-7900-48E0-9E1B-E8FCBC315F31"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "287A0457-E738-4CAC-B44D-5731EC91A022"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD4BA2D1-E5AC-45CA-997A-F1C3D2DD8B48"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.21:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3425DE23-2210-4B67-8924-F715F4EF02D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "83B045F0-0ABC-48D0-B50F-12BF319F6C84"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.23:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "26C1A77D-8457-42E8-9183-127DA33F2655"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.24:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D5CD13D-51B7-49F7-A4C9-91316E5FC112"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.25:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7B02DD81-5BB3-4D7D-9592-3F7E89632E2F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "37305540-737C-4467-8CA3-2489D3BEC2A8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C64EA42-A5F6-4A4C-9972-C68755B66040"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.28:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "258EB714-AC71-4C74-BF6E-1C57A4F7983E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.29:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "94C353DD-D09B-4023-8765-110A37364724"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D0D5336-0306-4F23-8FC2-AEE856F9A97E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.31:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4B4D40D9-3763-4F1A-80C4-B1C8C4C1736A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.32:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "405DCB68-F769-410E-86F5-F74A8F4CD004"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.33:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "30DF8A69-B7EB-4DF2-B2FE-19A04E4A6BD2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.34:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0786C1D-D0A4-48AD-9A6B-A07CA52D2EE4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.35:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D810E9FA-B43C-4845-B9FB-C08A1A278D11"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.36:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C94C53D4-8EBE-4C10-A48C-F33B2DA14090"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.37:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C1779BE1-B364-4A7E-B335-A55D598CB271"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.38:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9E28839-BF19-4F5D-B602-C0F8AB2D7744"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.39:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "40FE0B26-3EAA-4D98-9E3F-401DCD86A8AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.40:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0881CF1-4DD1-411C-8627-4571FAF26AA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.41:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7C66C878-AE67-42AE-9B66-0A07AA71A7DB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.42:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CB3D0B5F-F0A1-4E01-8C0E-7BD19E697CAF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "72433164-9035-4CB5-B584-95E88EF7C7E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.51:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C88ED85B-D6CC-4B50-91CE-41B8B3B17EFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.52:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39DE12B2-5E52-4CC1-BF3A-3CBD67358BA2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:crossftp:crossftp_pro:1.53:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0262C5E7-B0A7-4806-BCD6-656CFD98D179"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://secunia.com/advisories/41852",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_crossftp_pro.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/68700",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/44070",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62549",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/41852",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_crossftp_pro.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/68700",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/44070",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62549",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |