Wednesday, April 18, 2012

FileCOPA FTP Server 5.02 Directory Traversal Vulnerability

FileCOPA is a commercial FTP server for Windows that is available as shareware.

Sow Ching Shiong, an independent vulnerability researcher has identified a Directory Traversal vulnerability in FileCOPA FTP Server. This issue was discovered in a default installation of FileCOPA FTP Server 5.02. Other earlier versions may also be affected.

Proof of concept

Update to version 5.03 or later.


Disclosure Timeline
2010-05-19 - Vulnerability discovered.
2010-05-19 - Vulnerability reported to Secunia.
2010-05-20 - Secunia confirmed the vulnerability and contacted the vendor.
2010-05-21 - Patch released.
2010-05-21 - Advisory published by Secunia.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.