FTP Server Traversal Arbitrary File Access (RETR)
Medium Nessus Plugin ID 50811
SynopsisThe remote FTP server is susceptible to a directory traversal attack.
DescriptionThe remote FTP server allows a user to retrieve files outside his home directory using a specially crafted 'RETR' command with traversal sequences.
A remote attacker could exploit this flaw to gain access to arbitrary files.
SolutionContact the vendor for an update, use a different product, or disable the service altogether.