glFTPd 1.x/2.0 ‘ZIP’ Plugins – Multiple Directory Traversal Vulnerabilities

glFTPd 1.x/2.0 ‘ZIP’ Plugins – Multiple Directory Traversal Vulnerabilities

漏洞ID 1054909 漏洞类型
发布时间 2005-02-18 更新时间 2005-02-18
图片[1]-glFTPd 1.x/2.0 ‘ZIP’ Plugins – Multiple Directory Traversal Vulnerabilities-安全小百科CVE编号 N/A
图片[2]-glFTPd 1.x/2.0 ‘ZIP’ Plugins – Multiple Directory Traversal Vulnerabilities-安全小百科CNNVD-ID N/A
漏洞平台 Linux CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25122
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/12586/info

It is reported that various ZIP related plugins supplied with the server contain multiple directory traversal vulnerabilities. These issues may allow remote attackers to determine the existence of files on a computer and also disclose arbitrary files. The issues arise due to insufficient sanitization of user-supplied data.

By determining the presence of files in restricted directories and outside the server's root in addition to disclosing the contents of arbitrary files, the attacker can launch various attacks against a vulnerable computer. If an attack results in the disclosure of a password file, these issues may ultimately lead to unauthorized access to the affected computer in the context of the server.

The affected plugins are shipped with the FTP server by default. glFTPD 1.26 to 2.00 are reported vulnerable. 

To determine the existence of a file out side the server's root:
site nfo ../etc/group

To determine the existence of the first two files in a directory out side the server's root:
site nfo ../../../../../etc/*

To determine the existence of the first two files in a directory inside the server's root:
site nfo staff/*

To determine the existence of files in the directory tree:
site nfo ../../../../../etc/a*

To determine the existence of files in a ZIP archive:
site nfo ../../*.zip

To disclose the contents of files with names starting with the letter 'p' in a directory:
site nfo ../../backup.zip p*

相关推荐: BitMover BitKeeper Local Insecure Temporary File Permissions Vulnerability

BitMover BitKeeper Local Insecure Temporary File Permissions Vulnerability 漏洞ID 1101050 漏洞类型 Configuration Error 发布时间 2003-01-12 更…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享