Description
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by se00020 · textremotewindows
https://www.exploit-db.com/exploits/20653
References (1)
Core 1
Core References
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0523.html
Scores
EPSS
0.0271
EPSS Percentile
86.0%
Details
Status
published
Products (1)
sun/sun_ftp
build_9
Published
May 03, 2001
Tracked Since
Feb 18, 2026