VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-1238

CVE-2005-1238

Description

By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.