Описание
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a ".." (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a ".." (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-4149
- https://exchange.xforce.ibmcloud.com/vulnerabilities/62555
- http://packetstormsecurity.org/1010-exploits/freshftp-traversal.txt
- http://secunia.com/advisories/41798
- http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_freshftp.html
- http://www.osvdb.org/68667
- http://www.securityfocus.com/archive/1/514259/100/0/threaded
- http://www.securityfocus.com/bid/44072
Связанные уязвимости
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.