CVE-2001-0263 Information

Description

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the \show relative paths\ option is not enabled.

Reference

http://www.atstake.com/research/advisories/2001/a040301-1.txt http://www.securityfocus.com/bid/2537 https://exchange.xforce.ibmcloud.com/vulnerabilities/6330