Vulnerabilities

CVE-2005-1238

by Fred · 24/04/2005

By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.

Date published : 2005-04-24

http://www.securityfocus.com/archive/1/396628

http://www.venera.com/downloads/Canonicalization_problems_in_iSeries_FTP_security.pdf

Similar

Tags: Cybersecurity Alert