CVE-2001-0452 Information

Description

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a \CD *\ command followed by an ls command.

Reference

http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html http://www.securityfocus.com/archive/1/180506 http://www.securityfocus.com/bid/2676