Home / os / win3.11

CoreFTP Server MDTM Directory Traversal

Posted on 26 August 2019

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal (....) to browse outside the root directory to determine the existence of a file on the operating system, and the last modified date.

 

TOP

Malware :

Exploits :