Arbitrary File Access Vulnerability in Ben Spink CrushFTP FTP Server 2.1.6 and Earlier

Arbitrary File Access Vulnerability in Ben Spink CrushFTP FTP Server 2.1.6 and Earlier

CVE-2001-0582 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR.

Learn more about our Cis Benchmark Audit For Server Software.