11 lines
No EOL
543 B
Text
11 lines
No EOL
543 B
Text
source: http://www.securityfocus.com/bid/29989/info
|
|
|
|
AceFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.
|
|
|
|
AceFTP Freeware 3.80.3 and AceFTP Freeware 3.80.3 are vulnerable; other versions may also be affected.
|
|
|
|
Response to LIST:
|
|
|
|
/../../../../../../../../../testfile.txt\r\n |