Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).

Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.