CVE-2004-1294

EPSS 0.43%

Published: 1/10/2005Modified: 4/28/2026

Description

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.

Affected packages (1)

Debian/tnftpfrom 0, < 20050625-0.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1294