COMMAND

    ArGoSoft

SYSTEMS AFFECTED

    ArGoSoft 1.2.2.2 FTP Server

PROBLEM

    ByteRage  found  following.   ArGoSoft  also  has the *.lnk upload
    directory traversal vulnerability:

        PUT \local.lnk remote.lnk.

    Users  with  write  permissions   can  traverse  directories,   by
    uploading a lnk file pointing to the desired file/directory.

SOLUTION

    Vendor knows about it.