jarle aase war ftpd 1.67 b04 - Directory Traversal Vulnerability

ID EDB-ID:20661
Type exploitdb
Reporter se00020
Modified 2001-03-06T00:00:00


Jarle Aase War FTPD 1.67 b04 Directory Traversal Vulnerability. CVE-2001-0295. Remote exploit for windows platform

                                            source: http://www.securityfocus.com/bid/2444/info

A remote user could gain read access to directories outside of the ftp root in a Jarle Aase War FTPD Server. Once a user is logged into the server, a specially crafted 'dir' command will disclose an arbitrary directory. This vulnerability could allow an attacker to gain read access to various files residing on the target machine. 

dir *./../..