CVE-2002-0877

Name of the Vulnerable Software and Affected Versions: Shambala version 4.5

Description: A directory traversal issue in the FTP server allows remote attackers to read arbitrary files by using a .. (dot dot) in the LIST (ls) or GET commands.

Recommendations: For Shambala version 4.5, update the FTP server to prevent directory traversal attacks, or restrict access to the FTP server until a patch is available. As a temporary workaround, consider disabling the LIST (ls) and GET commands in the FTP server until a fix is applied.