('binary' encoding is not supported, stored as-is) Plaintext Password Vulnerability ------------------------------------ User info is stored in users.dat in plaintext. If the anonymous account is present (it is by default) the entire FTP server can be compromised ftp://somewhere/program files/pablo's ftp service/users.dat Default Anonymous Account ------------------------------------ The anonymous account is by default set to have download access to anything in the C:\ directory. While this can be disabled by simply deleting the anonymous account, it poses a serious threat for anyone not aware of the problem. ftp://somewhere/windows/repair/sam In conclusion this application is totally open to complete compromise by default. Vendor was notified and plans on releasing a fix soon. Credits ------------------------------------ Creits go to JeiAr of GulfTech Computers and CSA Security Research Team http://www.gulftech.org
This archive was generated by hypermail 2b30 : Tue Jun 03 2003 - 14:42:08 PDT