MidnightBSD

Advisories for ben_spink

CVE-2001-0582 MEDIUM

Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ben_spink crushftp_ftp_server *
ben_spink crushftp_ftp_server 2.1.4