2004-09-01 04:00:00
mitre
PUBLISHED
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPDs check for a ".lnk" extension.