FTGate Version 2.1 has a Directory Traversal Vulnerability allowing unauthorized file access via URL.
`FTGate Version 2.1 Web interface Server Directory Traversal Vulnerability
Product:
FTGate Version 2.1
FTGate has many advanced features including:
- Proxy Support, Kill List, Advanced delivery options, Logging, Address Mapping
- Domain Aliases, File import, Full Multithreading, HTML Interface
- Command Processor, RAS Dial-up/Proxy/LAN support, SmartPop
- Runs as either an Application or a service
- POP3 server.
- SMTP server/gateway
PROBLEM
UssrLabs found a directory traversal vulnerability in the FTGate Version 2.1
web interface server.
Using the string '../' in a URL, an attacker can gain read access to
any file outside of the intended web-published filesystem directory.
There is not much to expand on this one....
Example:
http://127.1:8080/../../../autoexec.bat to show autoexec.bat
Vendor Status:
Not contacted
Vendor Url: http://www.floosietek.com
Program Url: http://www.floosietek.com/ftgatehome.htm
Credit: USSRLABS
SOLUTION
Nothing yet.
`
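The check a web interface needs in order to refuse the request shown above, as an added example that is not part of the USSRLabs advisory and not FTGate's code. `WEB_ROOT` and `resolve_request_path` are hypothetical names, and the sample requests are constructed.

```python
import os
from urllib.parse import unquote

WEB_ROOT = "/srv/ftgate/www"  # hypothetical document root (assumption)


def resolve_request_path(url_path, web_root=WEB_ROOT):
    """Map a request path to a file under web_root.

    Returns the canonical filesystem path, or None when the request
    would resolve outside the published directory.
    """
    # Drop the query string, then decode percent-escapes exactly once so
    # that %2e%2e%2f is examined as ../ rather than slipping past.
    decoded = unquote(url_path.split("?", 1)[0])
    if "\x00" in decoded:
        return None
    # A Windows server accepts both separators; normalise before joining.
    decoded = decoded.replace("\\", "/")
    root = os.path.realpath(web_root)
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    # Containment is decided on the canonical path, never on the raw string.
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # e.g. paths on different drives
        inside = False
    return candidate if inside else None


if __name__ == "__main__":
    # Constructed sample requests, including the one from the advisory.
    samples = [
        "/index.htm",
        "/docs/../index.htm",
        "/../../../autoexec.bat",
        "/%2e%2e/%2e%2e/%2e%2e/autoexec.bat",
        "/..\\..\\..\\autoexec.bat",
    ]
    for request in samples:
        resolved = resolve_request_path(request)
        print(f"{request!r:45} -> {resolved or 'REJECTED'}")
```

A request that contains `../` but still resolves inside the root (`/docs/../index.htm`) is served; only paths whose canonical form leaves the root are rejected.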