12 lines
No EOL
572 B
Text
12 lines
No EOL
572 B
Text
source: https://www.securityfocus.com/bid/29846/info
|
|
|
|
Classic FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.
|
|
|
|
Classic FTP 1.02 for Microsoft Windows is vulnerable; other versions may also be affected.
|
|
|
|
Response to LIST:
|
|
|
|
\..\..\..\..\..\..\..\..\..\testfile.txt\r\n
|
|
/../../../../../../../../../testfile.txt\r\n |