Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.

SecurityFocus publication at https://www.securityfocus.com/bid/3593/info
Securiteam publication at http://www.securiteam.com/exploits/6D00L2A35K.html
External info at https://marc.info/?l=bugtraq&m=100698397818175&w=2
Cisco reference at https://tools.cisco.com/security/center/viewAlert.x?alertId=2884

Alex Hernandez aka (@_alt3kx_)