I discovered a few days ago that FileZilla[0] up to 0.7.0 is vulnerable to listing files outside the root directory by using "..". The author fixed the problem immediately and has released version 0.7.1. http://sf.net/projects/filezilla/ SnakeByte, your download link has the / facing the wrong way. > it reports the problem [ www.kryptocrew.de/snakebyte/bed.html ]. -- Stephen Cope - http://sdc.org.nz/
Attachment:
pgp00142.pgp
Description: PGP signature
