VULHUB ™

Encrypted File Transfer Protocol (EFTP) utilizes 448bit Blowfish Encryption Algorithm to ensure the secure transfer of files via the FTP protocol. EFTP is maintained by Khamil Landross and Zack Jones. Authenticated users can gain read access to directories residing on the host where the FTP server has been installed. Through the use of '...' sequences when submitting a 'cwd' command, arbitrary directories and files could be disclosed, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host's security. If successfully exploited this vulnerability could lead to the disclosure of sensitive information assisting in further attacks against the host.

Encrypted File Transfer Protocol (EFTP) utilizes 448bit Blowfish Encryption Algorithm to ensure the secure transfer of files via the FTP protocol. EFTP is maintained by Khamil Landross and Zack Jones. Authenticated users can gain read access to directories residing on the host where the FTP server has been installed. Through the use of '...' sequences when submitting a 'cwd' command, arbitrary directories and files could be disclosed, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host's security. If successfully exploited this vulnerability could lead to the disclosure of sensitive information assisting in further attacks against the host.