Vulnerability Development mailing list archives

smallftpd's version 1.0.2 Directory Traversal Vulnerability


From: "aT4r InsaN3" <at4r () hotmail com>
Date: Wed, 30 Apr 2003 12:05:27 +0200

Smallftpd is a simple and small FTP server for Windows. A vulnerability exists in smallftpd v 1.02 (http://smallftpd.free.fr/) that allows unauthorized users to browse the root directories and skip the access list.


CWD \..\..
250 CWD command successful.


Also, smallftpd v0.99, available to download at http://smallftpd.free.fr too, has multiple vulnerabilities.

Denial of service: just type "%s %s" as login and the FTP server will crash.
Buffer overflows when a command has length >280 chars. Example: cd AAAAAAAAAA...

These bugs seem to be patched in the latest version.


at4r [at] 3wdesign.es Security 2003
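
Added example, not part of the original post and not smallftpd's own code: one way an FTP server can resolve a CWD argument inside a virtual root so that `\..\..` is refused instead of answered with 250. The function name `resolve_virtual_path`, the buffer sizes and the virtual-root layout are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Resolve a CWD argument against the client's current virtual directory.
 * '/' and '\\' are both treated as separators, because Windows accepts either.
 * Returns 0 and writes a normalized virtual path ("/a/b") to out, or -1 if
 * the argument would climb above the virtual root, names a drive or stream
 * (':'), or does not fit. The caller appends out to the real share root. */
int resolve_virtual_path(const char *cwd, const char *arg, char *out, size_t outlen)
{
    char buf[1024];
    size_t starts[128];   /* offset in out where each kept component begins */
    size_t depth = 0, len = 0;
    int absolute = (arg[0] == '/' || arg[0] == '\\');

    /* Join cwd and arg unless arg is absolute; snprintf bounds the copy. */
    int n = snprintf(buf, sizeof buf, "%s/%s", absolute ? "" : cwd, arg);
    if (n < 0 || (size_t)n >= sizeof buf || outlen < 2)
        return -1;

    for (char *p = buf; *p; ) {
        size_t clen = strcspn(p, "/\\");        /* length of next component */
        if (clen == 2 && p[0] == '.' && p[1] == '.') {
            if (depth == 0)
                return -1;                      /* would leave the root */
            len = starts[--depth];              /* drop the last component */
        } else if (clen > 0 && !(clen == 1 && p[0] == '.')) {
            if (memchr(p, ':', clen) != NULL)
                return -1;                      /* "C:" or "file:stream" */
            if (depth == 128 || len + clen + 2 > outlen)
                return -1;
            starts[depth++] = len;
            out[len++] = '/';
            memcpy(out + len, p, clen);
            len += clen;
        }
        p += clen;
        if (*p)
            p++;                                /* skip the separator */
    }
    if (len == 0)
        out[len++] = '/';                       /* resolved to the root */
    out[len] = '\0';
    return 0;
}
```

A server using this would answer 550 when the function returns -1 and only then map the normalized path onto the shared directory and apply its access list.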



