CVE-2002-1544

Name of the Vulnerable Software and Affected Versions CooolSoft Personal FTP Server version 2.24

Description A directory traversal issue allows remote attackers to read or modify arbitrary files by using .. (dot dot) sequences in certain commands, including (1) LIST (ls), (2) mkdir, (3) put, or (4) get.

Recommendations For CooolSoft Personal FTP Server version 2.24, consider restricting access to the affected commands until a patch is available. As a temporary workaround, limit the use of the LIST (ls), mkdir, put, and get commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.