I discovered a few days ago that FileZilla[0] up to 0.7.0 is vulnerable to listing files outside the root directory by using "..". The author fixed the problem immediately and has released version 0.7.1. http://sf.net/projects/filezilla/ SnakeByte, your download link has the / facing the wrong way. > it reports the problem [ www.kryptocrew.de/snakebyte/bed.html ]. -- Stephen Cope - http://sdc.org.nz/
This archive was generated by hypermail 2b30 : Tue May 28 2002 - 08:22:03 PDT