Vulnerability in Cerberusftp Ftp_server

CVE-2004-2769

Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.

EPSS: 0.003 (51.0th percentile) — read the EPSS interpretation.

Affected products

Cerberusftp Ftp_server — versions 1.71, 4.0.0.8, 4.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

40370 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
41285 (vdb-entry, x_refsource_BID)