CVE-2002-1943

SafeTP 1.46 - Internal IP Address Leak via PASV Response

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1943. PoCs published by Jonathan G. Lampe.

AI-analyzed exploit summary This is a writeup demonstrating an information leak vulnerability in SafeTP where passive mode reveals internal IP addresses behind NAT. The example shows a failed connection attempt exposing the internal IP (192.168.3.162).

Description

SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jonathan G. Lampe · textremotemultiple
https://www.exploit-db.com/exploits/21876

This is a writeup demonstrating an information leak vulnerability in SafeTP where passive mode reveals internal IP addresses behind NAT. The example shows a failed connection attempt exposing the internal IP (192.168.3.162).

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: SafeTP (WS_FTP Server 3.1.0)
Auth required
Prerequisites: Authenticated FTP session · Passive mode enabled
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/293443
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5822
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10210.php

Scores

EPSS 0.0270
EPSS Percentile 84.1%

Details

Status published
Products (1)
safetp/safetp_server 1.46
Published Dec 31, 2002
Tracked Since Feb 18, 2026