What is the severity of CVE-2002-1345?

CVE-2002-1345 is considered to have a moderate severity due to its ability to allow file creation and overwriting by remote FTP servers.

How do I fix CVE-2002-1345?

To fix CVE-2002-1345, users should upgrade to the latest version of the affected NcFTP software or apply available patches.

Which versions are affected by CVE-2002-1345?

CVE-2002-1345 affects NcFTP versions 3.0.0 through 3.1.4 on UNIX systems.

Can CVE-2002-1345 lead to data loss?

Yes, CVE-2002-1345 can lead to data loss since it allows remote servers to overwrite files on the client system.

Is CVE-2002-1345 present in OpenBSD systems?

Yes, CVE-2002-1345 can affect OpenBSD systems that utilize the vulnerable versions of NcFTP.

Vulnerability/
CVE-2002-1345

medium

CWE

NVD-CWE-Other

17/12/2002

8/8/2024

CVE-2002-1345

First published: Tue Dec 17 2002(Updated: )

Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
ncftp	=3.0.2
ncftp	=3.1.3
ncftp	=3.1.4
ncftp	=3.0.0
ncftp	=3.1.0
ncftp	=3.0.3
ncftp	=3.1.1
ncftp	=3.0.1
ncftp	=3.1.2
ncftp	=3.0.4
SunOS	=5.7
Oracle Solaris and Zettabyte File System (ZFS)	=7.0
OpenBSD	=3.0
Oracle Solaris and Zettabyte File System (ZFS)	=2.6
SunOS

Remedy

http://www.kb.cert.org/vuls/id/210409

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-1345?
CVE-2002-1345 is considered to have a moderate severity due to its ability to allow file creation and overwriting by remote FTP servers.
How do I fix CVE-2002-1345?
To fix CVE-2002-1345, users should upgrade to the latest version of the affected NcFTP software or apply available patches.
Which versions are affected by CVE-2002-1345?
CVE-2002-1345 affects NcFTP versions 3.0.0 through 3.1.4 on UNIX systems.
Can CVE-2002-1345 lead to data loss?
Yes, CVE-2002-1345 can lead to data loss since it allows remote servers to overwrite files on the client system.
Is CVE-2002-1345 present in OpenBSD systems?
Yes, CVE-2002-1345 can affect OpenBSD systems that utilize the vulnerable versions of NcFTP.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/weakness
agent/last-modified-date
agent/remedy
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-historical
vendor/ncftp software
product/ncftp
canonical/ncftp software ncftp
vendor/sun
product/sunos
canonical/sun sunos
product/solaris
canonical/sun solaris
vendor/openbsd
product/openbsd
canonical/openbsd openbsd
agent/software-canonical-lookup-request
collector/nvd-index
canonical/ncftp
version/ncftp/3.0.2
version/ncftp/3.1.3
version/ncftp/3.1.4
version/ncftp/3.0.0
version/ncftp/3.1.0
version/ncftp/3.0.3
version/ncftp/3.1.1
version/ncftp/3.0.1
version/ncftp/3.1.2
version/ncftp/3.0.4
canonical/sunos
version/sunos/5.7
canonical/oracle solaris and zettabyte file system (zfs)
version/oracle solaris and zettabyte file system (zfs)/7.0
canonical/openbsd
version/openbsd/3.0
version/oracle solaris and zettabyte file system (zfs)/2.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.