CVE-2001-1335

CesarFTP 0.98b - Authenticated Directory Traversal via Modified Dot Dot Sequence

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1335. PoCs published by byterage.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in CesarFTP on Windows 98/Me systems. By using '...%5c/' in the FTP path, an authenticated user can escape the restricted directory and gain read access to the entire filesystem.

Description

Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).

Exploits (1)

exploitdb WRITEUP VERIFIED

by byterage · textremotewindows

https://www.exploit-db.com/exploits/20884

View Code ZIP pw:eip

The exploit describes a directory traversal vulnerability in CesarFTP on Windows 98/Me systems. By using '...%5c/' in the FTP path, an authenticated user can escape the restricted directory and gain read access to the entire filesystem.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: CesarFTP on Windows 98/Me

Auth required

Prerequisites: Authenticated FTP access · CesarFTP running on Windows 98/Me

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/6606.php

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2786

Scores

EPSS 0.0819

EPSS Percentile 94.1%

Details

Status published

Products (1)

aclogic/cesarftp 0.98b

Published May 27, 2001

Tracked Since Feb 18, 2026