Multiple Vendor FTP Client Side File Overwriting Vulnerability

Multiple Vendor FTP Client Side File Overwriting Vulnerability

Several FTP clients distributed with various operating systems may handle NLST FTP responses in an insecure manner.

When an NLST response is received from an FTP server, RFC specifications require that FTP clients check the input to see if it contains directory information. Some FTP clients fail to properly check this information and may allow a remote FTP server to overwrite files on the client system.