Buffy is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to download and delete local files in the context of the webserver process which may aid in further attacks. Buffy 1.3 is vulnerable prior versions may also be affected.
Updated on 2015-03-25
- WS FTP CWD DoS
- Ricoh DC Software DL-10 FTP Server 'USER' Command Buffer Overflow Vulnerability
- Home FTp Server DOS And Multiple Directory Traversal Vulnerabilities
- SmartFTP Client Information Disclosure Vulnerability
- Wing FTP Server Versions Prior to 3.4.1 Multiple Information Disclosure Vulnerabilities