CVE-2006-7094

Name of the Vulnerable Software and Affected Versions ftpd versions (affected versions not specified)

Description The issue allows remote authenticated users to list arbitrary directories with the privileges of gid 0, which could enable additional attack vectors. This occurs because ftpd sets the gid to the effective uid instead of the effective group id before executing /bin/ls.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.