PT-2004-3379 · Nexgen · Nexgen Ftp Server

Published: 2004-12-31 · Updated: 2024-02-14 · CVE-2004-2487

CVSS v2.0: 4.0 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Nexgen FTP Server versions prior to 2.2.3.23
Description: The issue allows remote authenticated users to read or list arbitrary files via specific sequences in various FTP commands, including RETR (get), NLST (ls), LIST (ls), RNFR, or RNTO. These sequences include (1) "..", (2) "\.." (backslash dot dot), or (3) "/../".
Recommendations: For versions prior to 2.2.3.23, update to version 2.2.3.23 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation. Avoid using the vulnerable FTP commands until the issue is resolved.

Exploit

Fix

Related Identifiers: CVE-2004-2487

Affected Products: Nexgen Ftp Server