|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Stephen Cope (mail
unsolicited.kimihia.org.nz)Date: Tue May 28 2002 - 05:13:01 CDT
I discovered a few days ago that FileZilla[0] up to 0.7.0 is vulnerable
to listing files outside the root directory by using "..". The author
fixed the problem immediately and has released version 0.7.1.
http://sf.net/projects/filezilla/
SnakeByte, your download link has the / facing the wrong way.
> it reports the problem [ www.kryptocrew.de/snakebyte/bed.html ].
-- Stephen Cope - http://sdc.org.nz/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: See http://sdc.org.nz/email for more detail
iEYEARECAAYFAjzzWC0ACgkQ4Bjb33S48hZP/QCfUkPgJKNLtSM68h1xjk7JFBBM t30AoM920UWvM3eZtRqVME8zcu2ue/BW =B9C8 -----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]