← back
CVE-2005-1025

CVE-2005-1025

EPSS 2.3%
The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=111264136829017&w=2http://www.osvdb.org/15300http://www.venera.com/downloads/AS400_user_accounts_ftp_disclosure.pdf