NuytsTech Security

CVE-2001-0054

by ·

Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack.

Date published : 2001-05-07

http://www.securityfocus.com/bid/2052

http://archives.neohapsis.com/archives/bugtraq/2000-12/0043.html

Tags: