CVE-2007-6736
published 2010-10-19CVE-2007-6736: Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and…
PriorityP430medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
1.26%
65.9th percentile
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-pyftpdlib | — | — |
| g.rodola | pyftpdlib | <= 0.1.1 | — |
| g.rodola | pyftpdlib | — | — |
| g.rodola | pyftpdlib | >= 0 < 0.2.0 | 0.2.0 |
CVSS provenance
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vendor_debian6.5LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2007-6736: python-pyftpdlib - Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before...
vendor_debian·2007·CVSS 6.5
CVE-2007-6736 [MEDIUM] CVE-2007-6736: python-pyftpdlib - Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before...
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
OSV
Directory Traversal in pyftpdlib
osv·2022-05-01
CVE-2007-6736 [MEDIUM] Directory Traversal in pyftpdlib
Directory Traversal in pyftpdlib
Python FTP server library provides a high-level portable interface to easily write very efficient, scalable and asynchronous FTP servers with Python. Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
GHSA
Directory Traversal in pyftpdlib
ghsa·2022-05-01
CVE-2007-6736 [MEDIUM] CWE-22 Directory Traversal in pyftpdlib
Directory Traversal in pyftpdlib
Python FTP server library provides a high-level portable interface to easily write very efficient, scalable and asynchronous FTP servers with Python. Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
OSV
CVE-2007-6736: Multiple directory traversal vulnerabilities in FTPServer
osv·2010-10-19
CVE-2007-6736 CVE-2007-6736: Multiple directory traversal vulnerabilities in FTPServer
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://code.google.com/p/pyftpdlib/issues/detail?id=9http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORYhttp://code.google.com/p/pyftpdlib/source/detail?r=16http://code.google.com/p/pyftpdlib/source/diff?spec=svn16&r=16&format=side&path=/trunk/pyftpdlib/FTPServer.pyhttp://code.google.com/p/pyftpdlib/issues/detail?id=9http://code.google.com/p/pyftpdlib/source/browse/trunk/HISTORYhttp://code.google.com/p/pyftpdlib/source/detail?r=16http://code.google.com/p/pyftpdlib/source/diff?spec=svn16&r=16&format=side&path=/trunk/pyftpdlib/FTPServer.py
2010-10-19
Published