source: http://www.securityfocus.com/bid/6554/info PlatinumFTPserver is an FTP server for Microsoft Windows systems. It is commercially available, and distributed by PlatinumFTP. A directory traversal vulnerability has been reported in PlatinumFTPserver. The program does not sufficiently handle dot-dot-slash input, which could result in an attacker gaining access to unauthorized resources. dir ..\directory where directory represents a directory outside the FTP root. del ..\file where file represents a file outside the FTP root.
Related ExploitsOther Possible E-DB Search Terms: PlatinumFTPServer 1.0.6, PlatinumFTPServer
|2002-12-30||22112||PlatinumFTPServer 1.0.6 - Information Disclosure||Dennis Rand|
|2002-12-30||22113||PlatinumFTPServer 1.0.6 - Arbitrary File Deletion||Dennis Rand|
|2005-03-05||25218||PlatinumFTPServer 1.0.18 - Multiple Malformed User Name Connection Denial of Service||ports|