CVE-2008-2519

https://notcve.org/view.php?id=CVE-2008-2519

Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. Vulnerabilidad de salto de directorio en Core FTP client 2.1 Build 1565 permite a servidores FTP remotos crear o sobrescribir ficheros de su elección a través de secuencias .. (punto punto) en respuesta a comandos LIST, una cuestión relacionada a CVE-2002-1345. • http://secunia.com/advisories/30389 http://vuln.sg/coreftp211565-en.html http://www.coreftp.com/forums/viewtopic.php?t=6078 http://www.securityfocus.com/bid/29362 http://www.vupen.com/english/advisories/2008/1643/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42605 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •