RSS   Vulnerabilities for 'Iglooftp'   RSS

2005-01-10
 
CVE-2004-1277

 

 
The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters.

 
 
CVE-2004-1276

 

 
IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.

 

 >>> Vendor: Iglooftp 2 Products
Iglooftp pro
Iglooftp


Copyright 2024, cxsecurity.com

 

Back to Top