Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SurgeFTP vulnerabilities

From: "SDL Office" <bugtraq () sentry-labs com>
Date: Tue, 19 Jun 2001 10:08:11 +0200
[Sentry Research Labs - ID0301061701]

This advisory is provided by www.sentry-labs.com

Note:
This advisory is for information and educational purpouse only! We
are not responsible for any abuse or damage resulting from these
information.

Author:
Siberian

Topic:
Serveral Security Flaws in Surge FTP Server

Affected:
Surdge FTP Server 2.0a
Tested with Windows 98 SE and Surge FTP Server 2.0a Trial

Vendor Status:
Informed, bugfix available

Vendor URL:
http://netwinsite.com/surgeftp/

Preamble:
Surge FTP Server is a US$385 FTP Server Software from Netwin, which come
with serveral features
like webinterface and other intresting features

Issue:
1.) A simple directory transversal bug allows listing of normaly
unaccessable files
2.) FTP allows anybody to DOS the machine with a well known con/con attack.

Exploit:
1.) Connect to the server with anonymous and type "nlist ..."
2.) Connect to the server with anonymous and type cd con/con (yes, this is
well know and works with MANY other too, but we think it should be
filtered).

Workaround:
update to ver 2.0b available form www.netwinsite.com/surgeftp
Previous By Date Next
Previous By Thread Next

Current thread: