11 lines
No EOL
491 B
Text
11 lines
No EOL
491 B
Text
source: http://www.securityfocus.com/bid/29844/info
|
|
|
|
WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.
|
|
|
|
Versions prior to WISE-FTP 5.5.9 are vulnerable.
|
|
|
|
Response to LIST:
|
|
|
|
\..\..\..\..\..\..\..\..\..\testfile.txt\r\n |