[Sentry Research Labs - ID0301061701] This advisory is provided by www.sentry-labs.com Note: This advisory is for information and educational purpouse only! We are not responsible for any abuse or damage resulting from these information. Author: Siberian Topic: Serveral Security Flaws in Surge FTP Server Affected: Surdge FTP Server 2.0a Tested with Windows 98 SE and Surge FTP Server 2.0a Trial Vendor Status: Informed, bugfix available Vendor URL: http://netwinsite.com/surgeftp/ Preamble: Surge FTP Server is a US$385 FTP Server Software from Netwin, which come with serveral features like webinterface and other intresting features Issue: 1.) A simple directory transversal bug allows listing of normaly unaccessable files 2.) FTP allows anybody to DOS the machine with a well known con/con attack. Exploit: 1.) Connect to the server with anonymous and type "nlist ..." 2.) Connect to the server with anonymous and type cd con/con (yes, this is well know and works with MANY other too, but we think it should be filtered). Workaround: update to ver 2.0b available form www.netwinsite.com/surgeftp
This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 07:23:57 PDT