Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
QVT/Net FTP Server Arbitrary File/Directory Access
Remote / Network Access
Loss of Confidentiality,
Loss of Integrity
QVT/Net contains a flaw that allows a remote attacker to access arbitrary fles and directories outside of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the FTP command.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.