26th Sep 2002 [SBWID-5253]
COMMAND
	Typsoft FTP Server directory traversal vulnerability
SYSTEMS AFFECTED
	Versions 0.97.1 (and possible previous versions)
PROBLEM
	Ueli  Kistler  found   following   directory   traversal   vulnerability
	regarding Typsoft FTP Server [http://www.typsoft.com] :
	simply add a the asterisk symbol (*) and every  directory  on  the  same
	partition can be listed:
	
	ls ../../*.*
	ls "../../My%20files/*.*"
	etc..
	
	This  allows  an  attacker  to  gain  usefull  information  for  further
	attacks. Files CANNOT be downloaded using this vulnerability...
SOLUTION
	Download the latest version