MidnightBSD

Advisories for vwsolutions

CVE-2008-6534 HIGH

Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as "&" (ampersand) in the middle of an argument.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
vwsolutions null_ftp 1.1.0.7