PT-2008-4261 · 3D Ftp · 3D-Ftp Client
Published: 2008-06-23 · Updated: 2017-08-08 · CVE-2008-2822
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
3D-FTP Client version 8.01 (8.0 build 1)
Description
The FTP client contains multiple directory traversal vulnerabilities. They allow remote FTP servers to create or overwrite arbitrary files by including a .. (dot dot) in responses to the LIST or MLSD commands.
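The check a client needs before it turns a server-supplied listing name into a local file path, as an added example (not code from this advisory or from the vendor). It covers MLSD entries only; the function names, the `downloads` directory and the sample lines are assumptions constructed for illustration.

```python
from pathlib import Path

class UnsafeName(ValueError):
    """Server-supplied name that must not be used as a local file name."""

def mlsd_name(line: str) -> str:
    # RFC 3659 MLSD entry: "fact=value;fact=value; name". The name is
    # everything after the first space and may itself contain spaces.
    _facts, sep, name = line.rstrip("\r\n").partition(" ")
    if not sep or not name:
        raise UnsafeName(line)
    return name

def safe_local_path(download_dir: str, name: str) -> Path:
    # A listing entry must be one path component. Treat "\" like "/" because
    # a Windows client resolves both; reject ":" (drive letters, NTFS streams).
    if any(c in name for c in "/\\:\x00") or name in (".", ".."):
        raise UnsafeName(name)
    base = Path(download_dir).resolve()
    target = (base / name).resolve()
    # Defence in depth: the resolved target must sit directly in base.
    if target.parent != base:
        raise UnsafeName(name)
    return target

def check_listing(lines, download_dir):
    """Split a listing into safe local paths and rejected server names."""
    accepted, rejected = [], []
    for line in lines:
        name = line
        try:
            name = mlsd_name(line)
            accepted.append(safe_local_path(download_dir, name))
        except UnsafeName:
            rejected.append(name)
    return accepted, rejected

# Constructed sample MLSD response lines (not captured from a real server).
SAMPLE_MLSD = [
    "type=file;size=1024;modify=20080623120000; report.txt",
    "type=file;size=12;modify=20080623120000; ../../outside.txt",
    "type=file;size=12;modify=20080623120000; ..\\..\\outside.txt",
    "type=file;size=88;modify=20080623120000; notes 2008.txt",
    "type=pdir;modify=20080623120000; ..",
]

if __name__ == "__main__":
    ok, bad = check_listing(SAMPLE_MLSD, "downloads")
    print("accepted:", [p.name for p in ok])
    print("rejected:", bad)
```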
Recommendations
For 3D-FTP Client version 8.01 (8.0 build 1), consider restricting access to the FTP client until a fix is available, and avoid using the LIST and MLSD commands on untrusted FTP servers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Path traversal
Affected Products
3D-Ftp Client