Unrated severityNVD Advisory· Published Mar 30, 2005· Updated Apr 16, 2026

CVE-2005-0483

Description

Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in a SITE NFO command.

Affected products

Glftpd/Glftpd14 versions
cpe:2.3:a:glftpd:glftpd:1.26:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:glftpd:glftpd:1.26:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:1.27:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:1.28:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:1.29.1:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:1.31:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:1.32:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc4:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc5:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc6:*:*:*:*:*:*:*
- cpe:2.3:a:glftpd:glftpd:2.0_rc7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/390924nvdExploitVendor Advisory
www.securityfocus.com/bid/12586nvdExploitVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/19401nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000