CVE-2001-0054 – Cat Soft Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal

https://notcve.org/view.php?id=CVE-2001-0054

Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. • https://www.exploit-db.com/exploits/20461 http://archives.neohapsis.com/archives/bugtraq/2000-12/0043.html http://marc.info/?l=bugtraq&m=97604119024280&w=2 http://www.osvdb.org/464 http://www.securityfocus.com/bid/2052 https://exchange.xforce.ibmcloud.com/vulnerabilities/5639 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •