CVE-2008-6424

Name of the Vulnerable Software and Affected Versions: FFFTP version 1.96b

Description: A directory traversal issue allows remote FTP servers to create or overwrite arbitrary files. This occurs when an FTP server responds to an FTP LIST command with a filename containing a .. (dot dot) sequence.

Recommendations: For FFFTP version 1.96b, update to a version that fixes this issue to prevent remote FTP servers from creating or overwriting arbitrary files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.