Re: Problems with various windows FTP servers
From: ByteRage (byterage@yahoo.com)Date: 05/28/02
- Previous message: the grugq: "More ELF buggery..."
- In reply to: SnakeByte / Eric Sesterhenn: "Problems with various windows FTP servers"
- Next in thread: Stephen Cope: "Re: Problems with various windows FTP servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 May 2002 00:32:03 -0700 (PDT) From: ByteRage <byterage@yahoo.com> To: bugtraq@securityfocus.com
--- SnakeByte / Eric Sesterhenn <snakebyte@gmx.de>
<snip>
> Texas Imperial Software WFTPD
> CWD ...
> CWD ....
> directory traversal possible
<snip>
I have already posted this bug to bugtraq on May 24,
2001
(cfr. http://online.securityfocus.com/bid/2779/)
The bug has been fixed in version 3.10 release 1
(cfr. http://online.securityfocus.com/bid/2779/info/)
I have verified this with WFTPD 32-bit (X86) version
3.10 release 1 9/27/2001, and this version is patched
against this bug (both CWD ... & CWD ....), since the
server returns :
501 User is not allowed to change to ... - returning
to /.
or
501 User is not allowed to change to .... - returning
to /.
(/ is the homedirectory of the user, not the
rootdirectory)
cheers,
[ByteRage]
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
- Previous message: the grugq: "More ELF buggery..."
- In reply to: SnakeByte / Eric Sesterhenn: "Problems with various windows FTP servers"
- Next in thread: Stephen Cope: "Re: Problems with various windows FTP servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
