2001-05-24 04:00:00
mitre
PUBLISHED
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.