Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal

Overview SpoonFTP Server does not adequately validate user input, allowing directory traversal. Description SpoonFTP Server does not adequately validate arguments to the CWD command, allowing directory traversal out of the FTP root directory. --- Impact Users may read any directory or file on the...

CVE-2002-0139

Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites aka FTP bounce via the PORT command...

Релеинг соединений в SpoonFTP (ftp bounce attack)

При установке Ftp-data соединения не проверяются привелигерованные порты и IP адрес назначения...

Bounce vulnerability in SpoonFTP 1.1.0.1

The vulnerability: The FTP server is vulnerable to the FTP bounce attack, even against ports lower than 1024. Vendor Response: Pi-Soft have created a new version that among other things fix this vulnerability. Their response was very nice and quick. /Arne Vidstrom, http://ntsecurity.nu...

Vulnerability in SpoonFTP

-----BEGIN PGP SIGNED MESSAGE----- Vulnerability in SpoonFTP Overview SpoonFTP v1.1 is an ftp server available from http://www.pi-soft.com/. A vulnerability exists which allows a remote user to break out of the ftp root. Details The following excerpt demonstrates the problem; an ftp root of...

Переполнение буфера в SpoonFTP (buffer overflow)

переполнения буфера в командах CWD и LIST...