CVE-2004-1294 Information

Description

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.

Reference

http://tigger.uic.edu/~jlongs2/holes/tnftp.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18560