Cooolsoft PowerFTP Server Multiple Command Arbitrary File Access

2001-11-28T00:00:00
ID OSVDB:7756
Type osvdb
Reporter al3x hernandez (al3xhernandez@ureach.com)
Modified 2001-11-28T00:00:00

Description

Vulnerability Description

PowerFTP contains a flaw that allows a remote attacker to access unauthorized files. The issue is due to the PowerFTP Server improperly checking for permissions on other drives. By sending the LS or GET command with "dot dot" sequences (/../), a remote attacker can access files outside of the FTP server root directory, resulting in a loss of confidentiality and integrity.
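
The containment check whose absence this entry describes, as an added example (not code from the advisory or the vendor): an FTP path argument is resolved against a virtual root, and anything that climbs above it or names another drive is refused. The function names and the sample root C:\ftproot are assumptions made for illustration.

```python
import ntpath
import posixpath

class PathEscape(Exception):
    """A client-supplied path would leave the FTP root."""

def resolve_in_root(root, cwd, arg):
    """Map an FTP path argument to a real Windows path under root.

    root: directory served as "/" (assumed sample value below)
    cwd:  client's current virtual directory, starting with "/"
    arg:  path argument of a command such as LS or GET
    """
    arg = arg.replace("\\", "/")          # Windows accepts both separators
    if ":" in arg or "\x00" in arg:       # no drive letters, streams or NULs
        raise PathEscape(arg)
    virtual = arg if arg.startswith("/") else posixpath.join(cwd, arg)
    parts = []
    for comp in virtual.split("/"):
        if comp in ("", "."):
            continue
        if comp == "..":
            if not parts:                 # ".." above the virtual root
                raise PathEscape(arg)
            parts.pop()
        elif comp != comp.rstrip(" ."):   # Win32 strips trailing dots/spaces
            raise PathEscape(arg)
        else:
            parts.append(comp)
    real = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: the final path must still sit under root.
    root_n = ntpath.normcase(ntpath.normpath(root))
    if ntpath.commonpath([root_n, ntpath.normcase(real)]) != root_n:
        raise PathEscape(arg)
    return real

def decide(root, cwd, arg):
    """Return the resolved path, or "DENY" for a rejected argument."""
    try:
        return resolve_in_root(root, cwd, arg)
    except PathEscape:
        return "DENY"

if __name__ == "__main__":
    ROOT = "C:\\ftproot"                  # constructed sample root
    for cwd, arg in [("/", "pub/readme.txt"), ("/pub", "../incoming/x"),
                     ("/", "/../"), ("/pub", "..\\..\\winnt"),
                     ("/", "D:/secret.txt")]:   # constructed inputs
        print(cwd, arg, "->", decide(ROOT, cwd, arg))
```

A ".." that stays inside the root is still allowed; only arguments that would resolve above it, or onto another drive, are denied.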

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Vendor URL: http://www.cooolsoft.com/powerftp.htm
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-11/0243.html
ISS X-Force ID: 7615
CVE-2001-0931
Bugtraq ID: 3593