{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2005-01-10T05:00:00Z",
  "id": "CVE-2004-1294",
  "details": "The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://tigger.uic.edu/~jlongs2/holes/tnftp.txt"
    },
    {
      "type": "EVIDENCE",
      "url": "http://tigger.uic.edu/~jlongs2/holes/tnftp.txt"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18560"
    }
  ]
}