- Patch available:
- CVSS vector:
- (AV:L/AC:L/Au:NR/C:N/I:C/A:N/B:N) Approximated
- IglooFTP: IglooFTP
Vulnerability descriptionIglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.
References:University of Illinois at Chicago: http://tigger.uic.edu/~jlongs2/holes/iglooftp.txt