GEN:SID 1:1992
Message FTP LIST directory traversal attempt
Summary This event is generated when an attempt is made to list directories outside the ftp root directory.
Impact Information disclosure. This is a directory traversal attempt which can lead to information disclosure and possible exposure of sensitive system information.
Detailed Information Some versions of the QVT FTP server from QPC Software allows browsing the directory structure of a host using a directory traversal technique.
Affected Systems QPC Software QVT/Net 4.0 for Windows NT, 2000 and 9x
QPC Software QVT/Term 5.0 for Windows NT, 2000 and 9x
Other FTP servers may be vulnerable
Attack Scenarios An authorized user or anonymous user can use the directory traversal technique, to browse folders outside the ftp root directory. Information gathered may be used in further attacks against the host.
Ease of Attack Simple. No exploit software required.
Corrective Action Apply the appropriate vendor supplied patches

Upgrade the software to the latest non-affected version.
Additional References  
Rule References bugtraq: 2618
cve: 2001-0680
cve: 2002-1054
nessus: 11112