{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3723", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3723"}, {"name": "29246", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29246"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/escaz-adv.txt"}, {"name": "28127", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28127"}, {"name": "20080306 Directory traversal in MicroWorld eScan Server 9.0.742.98", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489228/100/0/threaded"}, {"name": "escan-filename-directory-traversal(41033)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41033"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1221", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3723", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3723"}, {"name": "29246", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29246"}, {"name": "http://aluigi.altervista.org/adv/escaz-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/escaz-adv.txt"}, {"name": "28127", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28127"}, {"name": "20080306 Directory traversal in MicroWorld eScan Server 9.0.742.98", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489228/100/0/threaded"}, {"name": "escan-filename-directory-traversal(41033)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41033"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:17:34.220Z"}, "title": "CVE Program Container", "references": [{"name": "3723", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3723"}, {"name": "29246", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29246"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/escaz-adv.txt"}, {"name": "28127", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28127"}, {"name": "20080306 Directory traversal in MicroWorld eScan Server 9.0.742.98", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489228/100/0/threaded"}, {"name": "escan-filename-directory-traversal(41033)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41033"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1221", "datePublished": "2008-03-10T17:00:00.000Z", "dateReserved": "2008-03-10T00:00:00.000Z", "dateUpdated": "2024-08-07T08:17:34.220Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microworld_technologies:escan:9.0.742.98:*:corporate:*:*:*:*:*", "matchCriteriaId": "E907C054-C11D-4615-94A8-7B62F53F55FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:microworld_technologies:escan_management_console:9.0.742.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0D2471F-45F6-4D2F-8DB2-DE33A3223ED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microworld_technologies:escan_server:9.0.742.1:*:*:*:*:*:*:*", "matchCriteriaId": "135425E9-78BB-4858-8D76-91F7D5159254", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio absoluto en el servidor FTP de MicroWorld eScan Corporate Edition 9.0.742.98 y eScan Management Console (tambi\u00e9n conocido como eScan Server) 9.0.742.1, permite a atacantes remotos leer ficheros de su elecci\u00f3n mediante un nombre de ruta absoluto en el comando RETR (get)."}], "id": "CVE-2008-1221", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-10T17:44:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/escaz-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://secunia.com/advisories/29246"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3723"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489228/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28127"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://aluigi.altervista.org/adv/escaz-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://secunia.com/advisories/29246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489228/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28127"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41033"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}