2 matches found
CVE-2001-0582
Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' dot dot attack, or variations, in 1 GET, 2 CD, 3 NLST, 4 SIZE, 5 RETR...
CVE-2001-0582
CrushFTP FTP Server 2.1.6 and earlier is affected by a local directory-traversal vulnerability allowing access to arbitrary files via traversal sequences in FTP commands (GET, CD, NLST, SIZE, RETR). The underlying issue is inadequate input filtering that permits ".."-style path traversal, enablin...