Lucene search
K

PlatinumFTPServer 1.0.6 - Information Disclosure

🗓️ 30 Dec 2002 00:00:00Reported by Dennis RandType 
exploitpack
 exploitpack
👁 8 Views

PlatinumFTPServer 1.0.6 exposes sensitive information through unsanitized FTP commands.

Code
source: https://www.securityfocus.com/bid/6492/info

It has been reported that PlatinumFTPserver fails to properly sanitize some FTP commands. By sending a malicious request to the vulnerable server, using directory traversal sequences, it is possible for a remote attacker to obtain information about sensitive resources located outside of the FTP root.

Disclosure of sensitive system files may aid the attacker in launching further attacks against the target system. 

dir ..\..\..\..\

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation