2 matches found
CVE-2010-2695
Xlight FTP Server 3.x is affected by a directory traversal vulnerability in the SFTP/SSH2 virtual server. Versions 3.5.0 and 3.5.5 (and possibly others) before 3.6 allow remote authenticated users to read, overwrite, or delete arbitrary files by crafting .. sequences in commands such as ls, rm, r...
XLight FTP Server 3.x SFTP Directory Traversal
According to its SSH banner, the version of XLight FTP server listening on the remote host is potentially affected by a directory traversal vulnerability in its SFTP service. A remote, authenticated attacker, exploiting this flaw, can read and modify arbitrary files on the remote host. Note that...