FileCOPA is a commercial FTP server for Windows that is available as shareware.
Sow Ching Shiong, an independent vulnerability researcher has identified a Directory Traversal vulnerability in FileCOPA FTP Server. This issue was discovered in a default installation of FileCOPA FTP Server 5.02. Other earlier versions may also be affected.
Proof of concept
Solution
Update to version 5.03 or later.
Reference
Secunia: http://secunia.com/advisories/39843/
Disclosure Timeline
2010-05-19 - Vulnerability discovered.
2010-05-19 - Vulnerability reported to Secunia.
2010-05-20 - Secunia confirmed the vulnerability and contacted the vendor.
2010-05-21 - Patch released.
2010-05-21 - Advisory published by Secunia.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.