CVE-2008-2894

Name of the Vulnerable Software and Affected Versions NCH Software Classic FTP version 1.02

Description A directory traversal issue in the FTP client allows remote FTP servers to create or overwrite arbitrary files by including a .. (dot dot) in a response to a LIST command.

Recommendations For version 1.02, consider disabling the FTP client functionality until a patch is available to prevent potential exploitation. Restrict access to sensitive files and directories to minimize the risk of arbitrary file creation or overwrite. At the moment, there is no information about a newer version that contains a fix for this vulnerability.