Vulnerability Development mailing list archives
Re: WIN2K security bug with FTP. Bug allows any file to bedeleted from the remote system.
From: Kevin van der Raad <k.van.der.raad () itsec nl>
Date: Fri, 16 Feb 2001 15:16:09 +0100
I can just confirm this vulnerability localy on a machine. When I did c:\ftp ftp.target.com the file on my local machine got overwritten. Then, it just worked on files I normaly (outside ftp) have access to, it did not work on other local files (from other users). In this case it is not even a local vulnerability. I tested this on a Windows 2000 Advanced Server 5.00.2195 as well. -- Kevin van der Raad <mailto:k.van.der.raad () itsec nl> ITsec Nederland B.V. <http://www.itsec.nl> Informatiebeveiliging Exploit & Vulnerability Alerting Service P.O. box 5120 NL 2000 GC Haarlem Tel +31(0)23 542 05 78 Fax +31(0)23 534 54 77 -- ITsec Nederland B.V. may not be held liable for the effects or damages caused by the direct or indirect use of the information or functionality provided by this posting, nor the content contained within. Use them at your own risk. ITsec Nederland B.V. bears no responsibility for misuse of this posting or any derivatives thereof.
Current thread:
- WIN2K security bug with FTP. Bug allows any file to be deleted from the remote system. Antti Hakulinen (Feb 15)
- Re: WIN2K security bug with FTP. Bug allows any file to be deleted from the remote system. Stephen (Feb 16)
- Re: WIN2K security bug with FTP. Bug allows any file to bedeleted from the remote system. Kevin van der Raad (Feb 16)
- Re: WIN2K security bug with FTP. Bug allows any file to be deleted from the remote system. 3APA3A (Feb 16)
- Re: WIN2K security bug with FTP. Bug allows any file to be deleted from the remote system. Antti Hakulinen (Feb 16)
- Re: WIN2K security bug with FTP. Bug allows any file to be deleted Robert A. Seace (Feb 16)
- Re: WIN2K security bug with FTP. Bug allows any file to be deleted from the remote system. Stephen (Feb 16)