CVE-2004-2747 Information

Description

Directory traversal vulnerability in Pablo Software Solutions Quick ’n Easy FTP Server 1.77 and possibly earlier versions allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command which triggers different error messages depending on whether the file exists or not.

Reference

http://secunia.com/advisories/10661 http://www.osvdb.org/3574 http://www.securityfocus.com/archive/1/350224/30/21640/threaded http://www.securityfocus.com/bid/9443 http://www.securitytracker.com/id?1008756