Directory Traversal Vulnerability in NetWin SurgeFTP Products
CVE-2001-0698

Currently unrated

Key Information:

Vendor: Netwin
Status: Surgeftp
Vendor: CVE Published:; 20 September 2001

Summary

A directory traversal vulnerability exists in NetWin SurgeFTP versions 2.0a and 1.0b, allowing remote attackers to manipulate the 'nlist ...' command. This exploitation can potentially let attackers list arbitrary files and directories on the server, exposing sensitive information and compromising server integrity. Users of the affected versions should take immediate action to secure their systems against unauthorized access.

References

http://www.netwinsite.com/surgeftp/manual/updates.htm

x_refsource_CONFIRM

http://www.securityfocus.com/archive/1/191916

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/6711

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 20, 2001
Vulnerability Reserved
Aug 29, 2001