{"id":"CVE-2004-1294","details":"The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.","modified":"2026-04-10T03:36:37.598331Z","published":"2005-01-10T05:00:00Z","references":[{"type":"ADVISORY","url":"http://tigger.uic.edu/~jlongs2/holes/tnftp.txt"},{"type":"EVIDENCE","url":"http://tigger.uic.edu/~jlongs2/holes/tnftp.txt"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/18560"}],"schema_version":"1.7.5"}