Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.Referenceshttp://www.netwinsite.com/surgeftp/manual/updates.htmhttp://www.securityfocus.com/archive/1/191916https://exchange.xforce.ibmcloud.com/vulnerabilities/6711http://www.securityfocus.com/bid/2892
