SmartFTP Directory Traversal Vulnerability
Medium Nessus Network Monitor Plugin ID 5702
SynopsisThe remote host has a FTP client installed that is vulnerable to a directory traversal attack
DescriptionThe remote host is running SmartFTP, a FTP client for Windows.
Versions of SmartFTP earlier than 4.0.1124 are potentially affected by a directory traversal vulnerability. An attacker, exploiting this flaw, could trick a user into downloading a malicious file into a user's Startup folder.
SolutionUpgrade to SmartFTP 4.0.1124 or later.