CVE-2006-0319

Name of the Vulnerable Software and Affected Versions Farmers WIFE version 4.4 SP1

Description The issue allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands, due to a directory traversal vulnerability in the FTP server (port 22003/tcp).

Recommendations For Farmers WIFE version 4.4 SP1, consider restricting access to the FTP server on port 22003/tcp until a patch is available. As a temporary workaround, avoid using the PUT and SIZE commands in the FTP server to minimize the risk of exploitation.