BRS WebWeaver 1.0 1 MKDir Directory Traversal Weakness

2003-01-10T00:00:00
ID EDB-ID:22143
Type exploitdb
Reporter euronymous
Modified 2003-01-10T00:00:00

Description

BRS WebWeaver 1.0 1 MKDir Directory Traversal Weakness. Remote exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/6585/info

WebWeaver's FTP component has a flaw which can permit a remote user to create directories outside the FTP root.

By executing the mkdir command on an ftp server with dot-dot-slash (..\) directory traversal notation, an attacker can create a directory outside of the FTP root. 

mkdir ..\[directoryname]