Date: 3 Jun 2003 20:41:27 -0000
From: JeiAr <[email protected]>
To: [email protected]Subject: Vulnerabilities In Pablo Software Solutions FTP Service 1.2
Plaintext Password Vulnerability
------------------------------------
User info is stored in users.dat in plaintext. If the
anonymous account is present (it is by default) the
entire FTP server can be compromised
ftp://somewhere/program files/pablo's ftp service/users.dat
Default Anonymous Account
------------------------------------
The anonymous account is by default set to
have download access to anything in the C:\
directory. While this can be disabled by simply
deleting the anonymous account, it poses a
serious threat for anyone not aware of the problem.
ftp://somewhere/windows/repair/sam
In conclusion this application is totally open to
complete compromise by default. Vendor was notified
and plans on releasing a fix soon.
Credits
------------------------------------
Creits go to JeiAr of GulfTech Computers
and CSA Security Research Team
http://www.gulftech.org
