Alex Linde Alex's Ftp Server Directory Traversal Vulnerability

By including '/.../' sequences in a GET request, along with a known file or directory name, a user can obtain read access to the requested directories and files outside the FTP root, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host.


 

Privacy Statement
Copyright 2010, SecurityFocus