CVE-2010-4095 Information

Description

Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3 and probably other versions before 3.7.5 allows remote FTP servers to write arbitrary files via a .. (dot dot) in a filename in a server response.

Reference

http://kb.robo-ftp.com/change_log/show/77 http://secunia.com/advisories/41809 http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_robo_ftp.html http://www.securityfocus.com/archive/1/514267/100/0/threaded http://www.securityfocus.com/bid/44073 https://exchange.xforce.ibmcloud.com/vulnerabilities/62548