Upstream information

CVE-2010-3096 at MITRE

Description

Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:
  • TID7021279, published Sa 3. Mär 12:00:59 CET 2018
  • TID7021676, published Sa 3. Mär 10:24:18 CET 2018
  • TID7021848, published Sa 3. Mär 12:00:57 CET 2018
  • TID7022077, published Sat Mar 3 09:45:43 UTC 2018