FKIE_CVE-2004-2769
Vulnerability from fkie_nvd - Published: 2010-07-02 20:30 - Updated: 2026-04-29 01:13
Severity
Summary
Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF4C13C-0501-4DB5-829F-D34DABCB2540",
"versionEndIncluding": "4.0.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B584BB0D-C9F0-42E4-8CB2-F7AFB31884A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "E35C53A7-91D6-46F3-B294-07FCB721AF05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "664176FA-1775-46AF-9EA2-3B5C96A36A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D98E88-557E-4249-8D30-4F1EE7ECE5C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "7097C6AD-6BE7-4267-9C88-E097A0CFC0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB8701-85F8-4BA5-8A93-1B47E655B8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "207A3423-BE63-4B3A-BC28-8643048C096F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "91BB1247-BE77-4075-B6AE-5E28A3D9B594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "D69CDFCD-ACA9-42E9-BBD8-90F6A69E4468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9590014E-7F1A-4799-80FE-9041192D3CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "67B56FFF-E508-476D-B2AD-24DC999F3582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.71:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0854BD-2D96-403C-BB22-BC1BE162E241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B36CD14-4E0E-4238-9AEA-37D879F995A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3B0F42BB-61DB-4268-9092-05052D478AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "819A6EF5-107C-47DF-BFFD-5BA29428F280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "117D42CD-F063-41CD-AABF-A0C96E35D838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "62D032F0-28E2-4EB2-A3DC-67413BF08C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEDD9AC-75E7-49F3-9362-D4B99A944C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1DCA79-73FA-46D4-AF57-074373DE7503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "80D47E85-BB68-4C4D-8888-25422AC4B76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E842263-7AF3-463D-814D-F63199F3C21B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.02:beta:*:*:*:*:*:*",
"matchCriteriaId": "C63CED4F-F823-4310-AD78-11B5C82167E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3445BC51-DB9F-4E14-B0DE-806FBCD9641E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B7454163-9481-4CBD-85CB-9C6798181E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "3F169EEB-89E1-4248-A185-38433D1A8573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5D97C7-5A06-44EF-BF46-F5DE3C30F16E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1FA9C0-77D0-403C-ADED-7D9E89BFFC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta1:*:*:*:*:*:*",
"matchCriteriaId": "C4B7B5AB-3C5E-4D9A-816C-892FD4DA3284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta2:*:*:*:*:*:*",
"matchCriteriaId": "EBF4BA1E-5B31-42FD-897A-455FDF9C0A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta3:*:*:*:*:*:*",
"matchCriteriaId": "FCE4860E-8A9F-4E38-81DC-291F317E8700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "35F0613F-FD01-4E57-BD8F-181DC14A948C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:beta:*:*:*:*:*:*",
"matchCriteriaId": "620FAAEE-A52D-4710-BCB0-3D07F1453BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:beta2:*:*:*:*:*:*",
"matchCriteriaId": "FBE8B552-FA88-4C5C-9296-6BC9908E3F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B752D925-6A84-4885-A697-D868C06B1E25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.15:beta:*:*:*:*:*:*",
"matchCriteriaId": "29440529-9BDA-4738-853E-85E54CB951C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3E6A73-0475-46AB-9B88-690A39D3E411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF2C736-C686-4501-A4AE-227ABC218EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59FE48-F91C-45FD-BB3C-4F5186C430D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.23:beta:*:*:*:*:*:*",
"matchCriteriaId": "EEA0F5DF-228C-4F01-8A8F-90A9A6FBDF10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0D9A2E-6B38-437F-B89C-AC7546057B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2093E888-B80F-4318-AD14-CE0295E3B0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B0C7F7-9349-4AC9-8D74-E2C8AB1F0C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "23B56CAD-6783-46E5-A82D-EB2A14A8A354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.43:*:*:*:*:*:*:*",
"matchCriteriaId": "14182912-05FE-4CD3-B457-6EFF91D8DF42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "2B06481D-2BB9-4A56-AE8B-1A264B4EE207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.45:*:*:*:*:*:*:*",
"matchCriteriaId": "FB03F569-A146-4D9D-B065-46D95BE8FDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.46:*:*:*:*:*:*:*",
"matchCriteriaId": "543E96D3-6882-405C-9E9C-0B36D426C0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.47:*:*:*:*:*:*:*",
"matchCriteriaId": "C87C96DD-5302-45CB-B95D-3D174420CE99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.48:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F27A27-2596-4562-B739-083EBF272763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.49:*:*:*:*:*:*:*",
"matchCriteriaId": "01A7296B-F5F4-43E2-8527-304EEA996629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABED3D7-4B80-46D8-88F4-0F66510D2E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC21599-EB4C-49CD-A046-13148102E43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "363BB778-0C5C-4FEC-BC82-250C026BDE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0761D7FE-1EB2-4D94-BD38-2F7B8AA8970B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "883FE03E-555B-49E7-BECA-8554F05D007E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C71CB9-59D4-44BC-BD79-2E3004D3A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5512BB61-B912-407F-8398-E49D05B2887C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC63773-FBA3-45CF-95DC-AE86D621217E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF37E3B-B1E3-4200-9A5B-34FCBFAC830A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF3E234-FB2A-4906-A3E2-E08A8BCDB1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "074DDB0D-D55A-4BB5-AF54-82AE2453AB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7816C89-2D67-463E-B2B7-B4ACEB24F89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC79111-1B16-4C8D-BEF3-578789D7F662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D846F22D-3BED-4D12-8B0D-99AF20FF1FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC052F4-074D-4A1C-ACF9-628782345430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0923BF4-AC10-4DC0-BF1B-6AE80D5C51B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2E29B7-BB38-430B-949A-EDCA45833CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE9FE3C-8ED8-4CDA-B032-42BEB08C446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39D76CD3-EBAB-4847-A570-D2C0C5B0DC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "837B942E-8815-4C27-ABF1-4B3131C3CFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3EBCA3-E786-49CB-8CAF-34D35D4A3C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB613A86-7837-4C5B-9194-3238D9BD2F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "018B6603-904D-42FA-B1C3-6EAD3CE6B8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A2738E91-6B27-4918-8CFD-FB17685D431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7BCD1A-8EC9-4527-AA66-A3C109D6064C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A46EFDE2-8E57-4102-8DC0-F8D626D5C052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "281FCCA7-0558-4230-A295-43D8588103A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7F85EE-3412-467E-A3B5-D9828CBCE31C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the \"Display hidden files\" option is enabled, via the (1) MLSD or (2) MLST commands."
},
{
"lang": "es",
"value": "Cerberus FTP Server antes de v4.0.3.0 permite listar los archivos ocultos a usuarios remotos autenticados, incluso cuando la opci\u00f3n \"Mostrar archivos ocultos\" est\u00e1 deshabilitada, a trav\u00e9s de los comandos (1) MLSD o (2) MLST."
}
],
"id": "CVE-2004-2769",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-07-02T20:30:01.613",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40370"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cerberusftp.com/phpBB3/viewtopic.php?f=4\u0026t=644"
},
{
"source": "cve@mitre.org",
"url": "http://www.cerberusftp.com/releasenotes.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/41285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cerberusftp.com/phpBB3/viewtopic.php?f=4\u0026t=644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cerberusftp.com/releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/41285"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…