RaidenFTPD未认证文件访问漏洞

29次阅读
没有评论

RaidenFTPD未认证文件访问漏洞

漏洞ID 1108698 漏洞类型 路径遍历
发布时间 2005-04-21 更新时间 2005-10-20
RaidenFTPD未认证文件访问漏洞CVE编号 CVE-2005-1480
RaidenFTPD未认证文件访问漏洞CNNVD-ID CNNVD-200505-962
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/25486
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-962
|漏洞详情
RaidenFTPD的2.4.2241之前版本存在目录遍历漏洞,远程攻击者可以通过在一个urlget站命令中的一个”..\”(点点反斜杠)来读取任意文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/13292/info

RaidenFTPD is prone to a vulnerability that could allow unauthorized access to files outside the FTP root. The issue exists due to a lack of sufficient sanitization performed on 'SITE urlget' requests. Directory traversal sequences may be passed as a parameter for this request.

This vulnerability allows a remote attacker to read files outside of the FTP document root directory. An attacker may read files with the privileges of the FTP server process.

This issue was reported to affect all versions of RaidenFTPD prior to 2.4.2241.

quote site urlget file://..\boot.ini
|参考资料

来源:SECUNIA
名称:15037
链接:http://secunia.com/advisories/15037
来源:XF
名称:raidenftpd-directory-traversal(20368)
链接:http://xforce.iss.net/xforce/xfdb/20368
来源:BID
名称:13292
链接:http://www.securityfocus.com/bid/13292
来源:OSVDB
名称:15713
链接:http://www.osvdb.org/15713
来源:BUGTRAQ
名称:20050502DirectoryTraversalVuln-RaidenFTPD2.4链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111507556127582&w;=2
来源:forum.raidenftpd.com
链接:http://forum.raidenftpd.com/showflat.php?Board=UBB13&Number;=45685

相关推荐: HP JetDirect Printer SNMP JetAdmin Device Password Disclosure Vulnerability

HP JetDirect Printer SNMP JetAdmin Device Password Disclosure Vulnerability 漏洞ID 1100701 漏洞类型 Design Error 发布时间 2003-03-03 更新时间 20…

正文完
 0