CVE-2000-0587
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
| Software | From | Fixed in |
|---|---|---|
| glftpd / glftpd | 1.20 | 1.20.x |
| glftpd / glftpd | 1.19 | 1.19.x |
| glftpd / glftpd | 1.21b3 | 1.21b3.x |
| glftpd / glftpd | 1.21b8 | 1.21b8.x |
| glftpd / glftpd | 1.21b6 | 1.21b6.x |
| glftpd / glftpd | 1.21b5 | 1.21b5.x |
| glftpd / glftpd | 1.18 | 1.18.x |
| glftpd / glftpd | 1.21b2 | 1.21b2.x |
| glftpd / glftpd | 1.21b4 | 1.21b4.x |
| glftpd / glftpd | 1.21b7 | 1.21b7.x |
| glftpd / glftpd | 1.21b1 | 1.21b1.x |
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0317.html
- http://www.securityfocus.com/bid/1401
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006261041360.31907-200000@twix.thrijswijk.nl
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006261041360.31907-200000%40twix.thrijswijk.nl
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime