2 matches found
Netwin Surge FTP Server does not adequately validate user input thereby allowing directory traversal
Overview Surge FTP Server 2.0a contains a directory traversal vulnerability. Description Surge FTP Server 2.0a allows remote users to list files outside the FTP root directory. --- Impact Attackers may list files from directories to which access was not granted. --- Solution Upgrade to version...
CVE-2001-0698
NetWin SurgeFTP (SurgeFTP) versions 2.0a and 1.0b are affected by a directory traversal vulnerability in the nlist command, enabling remote attackers to list files and directories outside the FTP root due to insufficient input validation. CERT reports Surge FTP Server 2.0a allows remote users to ...