CVE-2001-0283
SunFTP build 9 - Directory Traversal via Dot-Dot in FTP Commands
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0283. PoCs published by se00020.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in SunFTP, allowing authenticated users to upload or retrieve files outside the FTP root directory. The PoC shows commands to read and write files outside the intended directory structure.
Description
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in SunFTP, allowing authenticated users to upload or retrieve files outside the FTP root directory. The PoC shows commands to read and write files outside the intended directory structure.