CVE-2006-5981
seleniumserver_ftp_server 1.0 - Path Traversal via DIR LIST NLST GET RETR and PUT STOR Commands
Title source: llmDescription
Multiple directory traversal vulnerabilities in SeleniumServer FTP Server 1.0, and possibly earlier, allow remote attackers to list arbitrary directories, read arbitrary files, and upload arbitrary files via directory traversal sequences in the (1) DIR (LIST or NLST), (2) GET (RETR), and (3) PUT (STOR) commands.
References (5)
Core 5
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/22928
Various Sources x_refsource_misc
http://whitestar.linuxbox.org/pipermail/exploits/2006-November/000037.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/30448
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30332
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4540
Scores
EPSS
0.0163
EPSS Percentile
73.4%
Details
CWE
CWE-22
Status
published
Products (1)
biba_software/seleniumserver_ftp_server
1.0
Published
Nov 20, 2006
Tracked Since
Feb 18, 2026