MidnightBSD

Advisories for robo-ftp

CVE-2010-4095 HIGH

Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3, and probably other versions before 3.7.5, allows remote FTP servers to write arbitrary files via a .. (dot dot) in a filename in a server response.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
robo-ftp robo-ftp 3.7.3
robo-ftp robo-ftp 3.7.4