• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

TNFTP FTP Client Directory Traversal Vulnerability

The tnftp FTP client is reported susceptible to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input data.

This vulnerability results in the ability of the attacker controlling a malicious remote server being able to write to arbitrary locations on the client's computer with the privileges of the user invoking the vulnerable FTP client. Depending on the particular configuration of the vulnerable FTP client, new files may be created, files may be overwritten, or appended to. Depending on the configuration, this may also occur without confirmation.