CVE-2005-0520

Description

ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.

Affected products

• argosoft / ftp_server1.4.1.1 – 1.4.1.1
• argosoft / ftp_server1.4.1.2 – 1.4.1.2
• argosoft / ftp_server1.4.1.3 – 1.4.1.3
• argosoft / ftp_server1.4.1.4 – 1.4.1.4
• argosoft / ftp_server1.4.1.5 – 1.4.1.5
• argosoft / ftp_server1.4.1.6 – 1.4.1.6
• argosoft / ftp_server1.4.1.7 – 1.4.1.7
• argosoft / ftp_server1.4.1.8 – 1.4.1.8
• argosoft / ftp_server1.4.1.9 – 1.4.1.9
• argosoft / ftp_server1.4.2 – 1.4.2
• argosoft / ftp_server1.4.2.1 – 1.4.2.1
• argosoft / ftp_server1.4.2.2 – 1.4.2.2

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/14372
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/19442
• MISChttp://www.argosoft.com/ftpserver/changelist.aspx
• MISChttp://www.securityfocus.com/bid/12632
• MISChttp://www.osvdb.org/14061