CVE-2004-2487
Description
Directory traversal in Nexgen FTP Server prior to 2.2.3.23 allows authenticated users to read or list arbitrary files via RETR, NLST, LIST, RNFR, or RNTO commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Nexgen FTP Server versions before 2.2.3.23 contain a directory traversal vulnerability [1]. Authenticated remote users can exploit the flaw by injecting "..", "\..\" (backslash dot dot), or "/../" sequences into FTP commands including RETR (get), NLST (ls), LIST (ls), RNFR, or RNTO [1]. This allows traversal outside the intended root directory.
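A server-side confinement check for the path arguments of the commands listed above, written here as an added example; it is not Nexgen's code or its fix. The function names, the virtual-root model, and the choice to reject rather than clamp are assumptions.

```python
# Commands the CVE description names as accepting a traversal path.
PATH_COMMANDS = {"RETR", "NLST", "LIST", "RNFR", "RNTO"}


class TraversalError(ValueError):
    """Raised when a client-supplied path would leave the FTP root."""


def resolve_virtual(cwd, arg):
    """Normalize arg against cwd inside the virtual root "/", or raise."""
    if "\x00" in arg:
        raise TraversalError("NUL byte in path")
    # Treat "\" as a separator too, so "\..\" is handled exactly like "/../".
    arg = arg.replace("\\", "/")
    path = arg if arg.startswith("/") else cwd.rstrip("/") + "/" + arg
    parts = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if ":" in seg:
            # Assumption: on a Windows host this blocks drive letters and streams.
            raise TraversalError("colon in path segment")
        if seg == "..":
            if not parts:
                raise TraversalError("path climbs above the FTP root")
            parts.pop()
        else:
            parts.append(seg)
    return "/" + "/".join(parts)


def check_command(line, cwd="/"):
    """Return the confined virtual path for a path-taking command, else None."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() not in PATH_COMMANDS:
        return None
    return resolve_virtual(cwd, arg or ".")


if __name__ == "__main__":
    # Constructed sample commands, not taken from any advisory.
    for cmd in ["RETR docs/../readme.txt", "RETR ..\\..\\secret.txt", "LIST /../"]:
        try:
            print(cmd, "->", check_command(cmd, cwd="/pub"))
        except TraversalError as exc:
            print(cmd, "-> rejected:", exc)
```

The resolved virtual path is what should be joined to the on-disk root; the raw client argument never reaches the file system API.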
Exploitation
An attacker must first have valid authentication credentials to the FTP server [1]. The attacker then sends a crafted command such as RETR with a path containing traversal sequences like "../" or "\..\" followed by the target file path [1]. No additional user interaction is required beyond the authenticated session.
Impact
Successful exploitation permits reading or listing arbitrary files on the server file system that the FTP process can access [1]. This could lead to disclosure of sensitive data such as configuration files, user credentials, or other system information, compromising confidentiality.
Mitigation
Upgrade to Nexgen FTP Server version 2.2.3.23 or later, which fixes this issue [1]. The vendor's original history page is no longer available (the domain presents a placeholder) [1], so users should seek the latest release from official sources or consider alternative products if the software is end-of-life. No other workarounds are documented in the provided reference.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <2.3.23
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/9970 (nvd, Patch)
- www.osvdb.org/4557 (nvd, Exploit)
- www.securitytracker.com/alerts/2004/Mar/1009545.html (nvd, Exploit)
- secunia.com/advisories/11216 (nvd, Vendor Advisory)
- www.nexgenserver.com/cgi-bin/loadframe2.cgi (nvd, URL Repurposed)
- exchange.xforce.ibmcloud.com/vulnerabilities/15594 (nvd)