CVE-1999-0083

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jun 11, 1997
Updated: Aug 17, 2022

Summary

CVE-1999-0083 is a vulnerability affecting FTP (File Transfer Protocol) servers that use the getcwd() function. This function, which returns the current working directory as a string, unintentionally leaks file descriptors. An attacker can exploit this vulnerability by making a carefully crafted directory request, which causes the server to disclose sensitive information, including file paths and potentially, access to protected files. This issue can lead to unauthorized file access, information disclosure, and other malicious activities. It is highly recommended for FTP server administrators to upgrade or patch their systems to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX

Affected Vendors

  • Saskatchewan Government Insurance