Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained from third party sources.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30282
http://www.vupen.com/english/advisories/2006/4518