PT-2008-3976 · Core Ftp · Core Ftp Client

Tan Chew Keong · Published 2008-06-03 · Updated 2017-08-08 · CVE-2008-2519

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Core FTP client version 2.1 Build 1565

Description

A directory traversal issue allows remote FTP servers to create or overwrite arbitrary files by using .. (dot dot) sequences in responses to LIST commands. This can potentially be leveraged for code execution by writing to a Startup folder.

Recommendations

For Core FTP client version 2.1 Build 1565, consider disabling the LIST command functionality until a patch is available to prevent remote FTP servers from exploiting this issue. Restrict access to sensitive folders, such as Startup folders, to minimize the risk of code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
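The client-side check that closes this class of bug, shown as an added example (not Core FTP's code and not part of the original advisory): every name taken from a LIST response is treated as untrusted and must resolve to a path inside the download directory. The function names, the Unix-style LIST layout and the `C:\Downloads` directory are assumptions made for illustration.

```python
import ntpath
import re

# Windows device names; a download should never resolve to one of these.
_RESERVED = re.compile(r"^(con|prn|aux|nul|com[1-9]|lpt[1-9])(\..*)?$", re.I)

def entry_name(list_line):
    """Return the name field (9th column onward) of a Unix-style LIST line."""
    parts = list_line.split(None, 8)
    if len(parts) < 9:
        raise ValueError("unrecognised LIST line")
    return parts[8].split(" -> ", 1)[0]  # drop a symlink target if present

def safe_local_path(download_dir, server_name):
    """Map a server-supplied name to a path inside download_dir or raise ValueError."""
    name = server_name.replace("/", "\\")  # both separators count on Windows
    if not name or "\x00" in name:
        raise ValueError("empty name or embedded NUL")
    if "\\" in name or ":" in name:
        raise ValueError("separator, drive letter or stream marker in name")
    if name.rstrip(". ") != name:  # also rejects "." and ".."
        raise ValueError("dot-only name or trailing dot/space")
    if _RESERVED.match(name):
        raise ValueError("reserved device name")
    root = ntpath.normpath(download_dir)
    candidate = ntpath.normpath(ntpath.join(root, name))
    # Defence in depth: the resolved path must still sit under the root.
    if ntpath.commonpath([root, candidate]) != root:
        raise ValueError("resolved path escapes download directory")
    return candidate

def plan_downloads(list_lines, download_dir):
    """Return (accepted {name: path}, rejected [name]) for a LIST response."""
    accepted, rejected = {}, []
    for line in list_lines:
        name = entry_name(line)
        try:
            accepted[name] = safe_local_path(download_dir, name)
        except ValueError:
            rejected.append(name)
    return accepted, rejected

# Constructed LIST response lines (not captured from a real server).
SAMPLE_LIST = [
    "-rw-r--r-- 1 ftp ftp 1024 Jun 03 2008 report.txt",
    "-rw-r--r-- 1 ftp ftp 2048 Jun 03 2008 ..\\..\\outside.txt",
    "-rw-r--r-- 1 ftp ftp 2048 Jun 03 2008 ../outside.txt",
]
```

Rejected names are worth logging together with the server address, since a LIST entry containing a separator or `..` has no legitimate reason to appear.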

Exploit

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2008-2519

Affected Products

Core Ftp Client