11 lines
No EOL
590 B
Text
Executable file
11 lines
No EOL
590 B
Text
Executable file
source: http://www.securityfocus.com/bid/29741/info
|
|
|
|
Glub Tech Secure FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client.
|
|
|
|
Exploiting these issues will allow an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.
|
|
|
|
Secure FTP 2.5.15 for Microsoft Windows is vulnerable; other versions may also be affected.
|
|
|
|
Response to LIST:
|
|
|
|
\..\..\..\..\..\..\..\..\..\testfile.txt\r\n |