Frigate 3.36 Directory Traversal

Type packetstorm
Reporter High-Tech Bridge SA
Modified 2010-08-06T00:00:00


Vulnerability ID: HTB22526  
Product: Frigate 3 built-in FTP client  
Vendor: WinFrigate ( )   
Vulnerable Version: 3.36 and Probably Prior Versions  
Vendor Notification: 22 July 2010   
Vulnerability Type: Directory Traversal Vulnerability  
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response  
Risk level: High   
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (   
Vulnerability Details:  
When exploited, this vulnerability allows an anonymous attacker to write files to specified locations on a user's system.  
The FTP client does not properly sanitise filenames received from an FTP server that contain directory traversal sequences, for example a file named "..\..\..\..\..\..\..\somefile.exe".  
By tricking a user into downloading a directory from a malicious FTP server that contains files with backslash directory traversal sequences in their filenames,   
an attacker can potentially write files into a user's Startup folder to execute malicious code when the user logs on.
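The root cause described above is that a filename coming from the server is trusted as a local path. The following is an added example, not code from the advisory or from the Frigate product, showing the check a client should apply before writing a downloaded file: normalise both separators, reject absolute paths, drive letters, NUL bytes and any parent-directory component, and then confirm that the resolved destination is still inside the download directory. The sample directory listing (`SAMPLE_LISTING`) and the directory name `dl_example` are constructed for the example; only the `..\..\..\somefile.exe` pattern comes from the advisory text.

```python
import os
from typing import Dict, List, Tuple

# Constructed sample listing: the kind of names a hostile FTP server could return.
# Only the "..\..\..\somefile.exe" pattern is taken from the advisory; the rest
# are illustrative variants of the same problem.
SAMPLE_LISTING: List[str] = [
    "report.pdf",
    "images/logo.png",
    "..\\..\\..\\..\\..\\..\\..\\somefile.exe",  # backslash traversal from the advisory
    "../../../../etc/evil",                      # forward-slash traversal
    "C:\\Users\\Public\\evil.exe",               # drive-letter absolute path
    "\\\\server\\share\\evil.exe",               # UNC path
    "normal\\sub\\file.txt",                     # legitimate nested name with backslashes
    "",                                          # empty name
    "...\\x.exe",                                # dot-only component (odd on Windows)
    "ok.txt\x00.exe",                            # embedded NUL
]


def sanitize_remote_name(remote_name: str) -> str:
    """Turn a server-supplied filename into a safe relative path, or raise ValueError."""
    if "\x00" in remote_name:
        raise ValueError("NUL byte in filename")
    # Windows accepts both '\' and '/' as separators, so treat them alike
    # instead of only looking for one of them.
    normalized = remote_name.replace("\\", "/")
    if normalized.startswith("/"):
        raise ValueError("absolute or UNC path")
    if len(normalized) >= 2 and normalized[1] == ":":
        raise ValueError("drive letter")
    # Drop empty and '.' components; anything that is only dots/spaces
    # ('..', '...', ' .. ') is a traversal or an ambiguous Windows name.
    parts = [p for p in normalized.split("/") if p not in ("", ".")]
    if not parts:
        raise ValueError("empty name")
    for part in parts:
        if part.strip(". ") == "":
            raise ValueError("traversal component: %r" % part)
    return "/".join(parts)


def is_safe_name(remote_name: str) -> bool:
    """Convenience predicate for the check above."""
    try:
        sanitize_remote_name(remote_name)
        return True
    except ValueError:
        return False


def safe_join(download_dir: str, remote_name: str) -> str:
    """Return the absolute destination path for remote_name inside download_dir."""
    relative = sanitize_remote_name(remote_name)
    base = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(base, relative))
    # Defence in depth: even after sanitising, confirm the resolved path stays
    # under the download directory (catches symlinks and any parser gap).
    if os.path.commonpath([base, target]) != base:
        raise ValueError("resolved path escapes download directory")
    return target


def audit_listing(download_dir: str, names: List[str]) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Split a directory listing into accepted {name: destination} and rejected {name: reason}."""
    accepted: Dict[str, str] = {}
    rejected: Dict[str, str] = {}
    for name in names:
        try:
            accepted[name] = safe_join(download_dir, name)
        except ValueError as err:
            rejected[name] = str(err)
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = audit_listing("dl_example", SAMPLE_LISTING)
    for name, dest in ok.items():
        print("ACCEPT %-45r -> %s" % (name, dest))
    for name, reason in bad.items():
        print("REJECT %-45r (%s)" % (name, reason))
```

The two-stage check matters: the name-level filter gives a clear reason to log or show the user, while the `realpath`/`commonpath` comparison is what actually guarantees the write cannot land outside the download directory, whatever the server sends.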