CVE-2005-1025

Published: Apr 9, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

15300

vdb-entry

x_refsource_OSVDB

http://www.venera.com/downloads/AS400_user_accounts_ftp_disclosure.pdf

x_refsource_MISC

20050404 Disclosure of AS/400 user accounts via the FTP server

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-1025

Description

Affected Products

References