Buffy is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to download and delete local files in the context of the webserver process which may aid in further attacks. Buffy 1.3 is vulnerable prior versions may also be affected.
Updated on 2015-03-25
- Cerberus FTP Server 'ALLO' Command Buffer Overflow Vulnerability
- Home FTP Server 'MKD' Command Directory Traversal Vulnerability
- Telnet-FTP Server 'RETR' Command Remote Denial of Service Vulnerability
- Wing FTP Server Versions Prior to 3.4.1 Multiple Information Disclosure Vulnerabilities
- NcFTPD Symbolic Link Information Disclosure Vulnerability