Re: Problems with various windows FTP servers

From: Stephen Cope (mail@unsolicited.kimihia.org.nz)
Date: 05/28/02

• Previous message: ByteRage: "Re: Problems with various windows FTP servers"
• In reply to: SnakeByte / Eric Sesterhenn: "Problems with various windows FTP servers"
• Next in thread: Alun Jones: "Re: Problems with various windows FTP servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 28 May 2002 22:13:01 +1200
From: Stephen Cope <mail@unsolicited.kimihia.org.nz>
To: bugtraq@securityfocus.com

I discovered a few days ago that FileZilla[0] up to 0.7.0 is vulnerable
to listing files outside the root directory by using "..". The author
fixed the problem immediately and has released version 0.7.1.

http://sf.net/projects/filezilla/

SnakeByte, your download link has the / facing the wrong way.

> it reports the problem [ www.kryptocrew.de/snakebyte/bed.html ].

-- 
Stephen Cope - http://sdc.org.nz/

---

• application/pgp-signature attachment: stored

---

• Previous message: ByteRage: "Re: Problems with various windows FTP servers"
• In reply to: SnakeByte / Eric Sesterhenn: "Problems with various windows FTP servers"
• Next in thread: Alun Jones: "Re: Problems with various windows FTP servers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2002-05