FTP: Multiple FTP Server GET Command Directory Traversal

This signature detects directory traversal attempts to download a file from a malicious server. The server can embed a directory traversal attack in the filename to specify the exact file download location on the client machine.

Extended Description

Successful exploitation of the vulnerability could allow an attacker to inject malicious files on a victim machine, in an arbitrary directory.

References

CVE: CVE-2005-2126

Short Name
FTP:COMMAND:GET-CMD-DIR-TRAV
Severity
Minor
Recommended
False
Recommended Action
None
Category
FTP
Keywords
CVE-2004-1376 CVE-2005-2126 CVE-2015-7603 Command Directory FTP GET Multiple Server Traversal
Release Date
01/05/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
CVSS Score

2.6

7.8

5.0

Found a potential security threat?