VYPR
Unrated severityNVD Advisory· Published Dec 31, 2003· Updated Jun 16, 2026

CVE-2003-1380

CVE-2003-1380

Description

Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command.

Affected products

2
  • cpe:2.3:h:bisonftp:bisonftp_server_4:r2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:bisonftp:bisonftp_server_4:r2:*:*:*:*:*:*:*
    • (no CPE)range: = 4 release 2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.