CVE-2000-1101

Name of the Vulnerable Software and Affected Versions WFTPD versions 2.41 and 3.00

Description A directory traversal issue allows local users to escape the home directory by using a "/../" string, which is a variation of the .. (dot dot) attack, when the "Restrict to home directory" option is enabled.

Recommendations For WFTPD version 2.41, disable the "Restrict to home directory" option or restrict access to the FTP server until a fix is available. For WFTPD version 3.00, consider disabling the FTP server functionality or limiting user access to prevent exploitation of the directory traversal issue until a patch is released.