Bugtraq mailing list archives
BisonFTP Server V4R1 *.bdl upload Directory Traversal
From: ByteRage <byterage () yahoo com>
Date: Mon, 2 Jul 2001 07:23:53 -0700 (PDT)
BisonFTP Server V4R1 *.bdl upload Directory Traversal
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AFFECTED SYSTEMS

Bison FTP Server V4R1

DESCRIPTION

BisonFTP Server V4R1 allows any user to upload *.bdl files (a file format invented to make links to directories):

PUT \local.bdl remote.bdl

(We don't even need to append a dot, we can just upload it.)

If we create a *.bdl pointing to the hard drive's root (using our own copy of BisonFTP Server) and CD to that link, we can browse the entire drive with the same rights we have in our home directory, and we can descend into subdirectories while keeping those rights.

IMPACT

Users with write permissions can traverse directories by uploading a .bdl file pointing to the desired (root) directory.

VENDOR STATUS

I have sent this advisory to info () bisonftp com

=======================================================
[ByteRage] byterage () yahoo com [www.byterage.cjb.net]
=======================================================
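Added example (not BisonFTP's code): the two server-side checks a fix for this class of bug needs, refusing link-file uploads and confining a link's target to the user's home before honouring a CD. The .bdl format is not described in the advisory, so a link is modelled as a bare target path; the home directory path is constructed.

```python
import os

# Constructed example, not BisonFTP code. The .bdl format is undocumented in the
# advisory, so a directory link is modelled here as nothing but its target path.

LINK_EXTENSIONS = (".bdl",)


def upload_allowed(remote_name: str) -> bool:
    """Mitigation 1: never store link files, whatever remote name the client
    picks (the advisory shows 'PUT \\local.bdl remote.bdl')."""
    base = remote_name.replace("\\", "/").rsplit("/", 1)[-1]
    return not base.lower().endswith(LINK_EXTENSIONS)


def link_target_is_contained(user_root: str, target: str) -> bool:
    """Mitigation 2: before honouring CD into a link, canonicalise its target
    and require the result to stay inside the user's home directory."""
    t = target.replace("\\", "/")  # BisonFTP is a Windows server; accept both separators
    if len(t) >= 2 and t[0].isalpha() and t[1] == ":":
        return False  # drive-letter root (C:\) is outside any home by definition
    root = os.path.realpath(user_root)
    resolved = os.path.realpath(os.path.join(root, t))
    # A target that resolves to the root itself or to anything beneath it is fine;
    # '..' sequences and absolute paths collapse to something outside and fail here.
    return resolved == root or resolved.startswith(root + os.sep)


def change_directory(user_root: str, link_target: str):
    """Return the canonical directory a CD through the link may land in, or None
    when the link escapes the user's home (the BisonFTP V4R1 behaviour was to
    follow it anyway)."""
    if not link_target_is_contained(user_root, link_target):
        return None
    return os.path.realpath(os.path.join(user_root, link_target.replace("\\", "/")))


if __name__ == "__main__":
    home = "/srv/ftp/alice"  # constructed home directory
    for tgt in ("pub", "..\\..\\..", "\\", "C:\\"):
        print(f"{tgt!r:12} -> {change_directory(home, tgt)}")
```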