BisonFTP Server V4R1 *.bdl upload Directory Traversal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AFFECTED SYSTEMS Bison FTP Server V4R1 DESCRIPTION BisonFTP Server V4R1 allows any user to upload *.bdl (a file format invented to make links to directories) : PUT \local.bdl remote.bdl (We don't even need to append a dot, we can just upload it) If we create a *.bdl pointing to the harddrive's root (using our own copy of BisonFTP Server) and we CD to that link, we can browse the entire drive and we have the same rights as we have in our homedirectory + we can dive into subdirs whilst keeping the same rights. IMPACT users with write permissions can traverse directories, by uploading a bdl file pointing to the desired (root)directory VENDOR STATUS I have sent this advisory to infoat_private ======================================================= [ByteRage] byterageat_private [www.byterage.cjb.net] ======================================================= __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 10:00:08 PDT