Security Advisory

CVE-2005-1238

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-04-24 04:00:00

Last updated 2024-08-07 21:44:05

Assigner mitre

State PUBLISHED

Description

By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.

← Browse all CVEs View on cve.org ↗