Re: Problems with various windows FTP servers

From: Stephen Cope (mailat_private)
Date: Tue May 28 2002 - 03:13:01 PDT

Next message: Mandrake Linux Security Team: "MDKSA-2002:035 - perl-Digest-MD5 update"

Previous message: ByteRage: "Re: Problems with various windows FTP servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I discovered a few days ago that FileZilla[0] up to 0.7.0 is vulnerable
to listing files outside the root directory by using "..". The author
fixed the problem immediately and has released version 0.7.1.

http://sf.net/projects/filezilla/

SnakeByte, your download link has the / facing the wrong way.

> it reports the problem [ www.kryptocrew.de/snakebyte/bed.html ].

-- 
Stephen Cope - http://sdc.org.nz/

application/pgp-signature attachment: stored

Next message: Mandrake Linux Security Team: "MDKSA-2002:035 - perl-Digest-MD5 update"
Previous message: ByteRage: "Re: Problems with various windows FTP servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 28 2002 - 08:22:03 PDT