Evolvable Shambala Server FTP Server Directory Traversal Vulnerability

info
discussion
exploit
solution
references

Evolvable Shambala Server FTP Server Directory Traversal Vulnerability

Shambala Server is a FTP, Web, and Chat server targeted for the Small Office/Home Office user.

It has been reported that Shambala Server's FTP server is vulnerable to a directory traversal condition. By using directory traversal sequences (ie '/../', '..'), an attacker can obtain files outside of the permitted directory structure.