jarle aase war ftpd 1.67 b04 - Directory Traversal
| EKU-ID: 26209 | CVE: CVE-2001-0295;OSVDB-874 | OSVDB-ID: |
| Author: se00020 | Published: 2001-03-06 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26209 | CVE: CVE-2001-0295;OSVDB-874 | OSVDB-ID: |
| Author: se00020 | Published: 2001-03-06 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/2444/info A remote user could gain read access to directories outside of the ftp root in a Jarle Aase War FTPD Server. Once a user is logged into the server, a specially crafted 'dir' command will disclose an arbitrary directory. This vulnerability could allow an attacker to gain read access to various files residing on the target machine. dir *./../..