MidnightBSD

Advisories for freshwebmaster

CVE-2010-4149 HIGH

Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
freshwebmaster fresh_ftp *
freshwebmaster fresh_ftp 5.36