[NT] Directory Traversal Vulnerability in 121 WAM! Server
From: SecuriTeam (support_at_securiteam.com)
Date: 08/12/03
- Previous message: SecuriTeam: "[TOOL] HOON, an AT&T to Shellcode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 12 Aug 2003 14:44:33 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
Get Thawte's New Step-by-Step SSL Guide for MSIIS
In this guide you will find out how to test, purchase, install
and use a Thawte Digital Certificate on your MSIIS web server.
Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates. Get your copy of this new guide now:
http://ad.doubleclick.net/clk;5903126;8265119;j
- - - - - - - - -
Directory Traversal Vulnerability in 121 WAM! Server
------------------------------------------------------------------------
SUMMARY
<http://www.121software.com/121wam/server.asp> 121 WAM! Server is "a
standard FTP server for Microsoft Windows. When used in conjunction with
121 WAM! Client, it also provides your users with a complete solution to
manage their online databases including Microsoft Access, SQL Server and
MySQL. 121 WAM! makes uploading, downloading and transferring data a
simple drag and drop operation. 121 WAM! Server is the first FTP server
that supports database transfer functionality".
Due to a vulnerability in the product remote attackers can access files
that reside outside the bounding FTP root directory.
DETAILS
Vulnerable Systems:
* 121 WAM! Server 1.0.4.0 (Possibly previous versions)
Sending the command CWD .., will not change the directory. However sending
CWD /../ allows normal users to 'hop' out of the pre-defined user root
directory, and browse the entire hard drive.
ADDITIONAL INFORMATION
The information has been provided by <mailto:peter4020@hotmail.com> Peter
Winter-Smith
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: SecuriTeam: "[TOOL] HOON, an AT&T to Shellcode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
