Core FTP 'LIST' Command Directory Traversal Vulnerability

Core FTP is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue allows an attacker to write arbitrary files to locations outside of the FTP client's current directory. This could help the attacker launch further attacks.

Core FTP LE/PRO 2.1 Build 1565 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus