RaidenFTPD Unauthorized File Access Vulnerability
BID:13292
Info
RaidenFTPD Unauthorized File Access Vulnerability
| Bugtraq ID: | 13292 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 21 2005 12:00AM |
| Updated: | Apr 21 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to Lachlan. H. |
| Vulnerable: |
Raiden Professional Servers RaidenFTPD 2.4 .2240 |
| Not Vulnerable: |
Raiden Professional Servers RaidenFTPD 2.4 .2241 |
Discussion
RaidenFTPD Unauthorized File Access Vulnerability
RaidenFTPD is prone to a vulnerability that could allow unauthorized access to files outside the FTP root. The issue exists due to a lack of sufficient sanitization performed on 'SITE urlget' requests. Directory traversal sequences may be passed as a parameter for this request.
This vulnerability allows a remote attacker to read files outside of the FTP document root directory. An attacker may read files with the privileges of the FTP server process.
This issue was reported to affect all versions of RaidenFTPD prior to 2.4.2241.
RaidenFTPD is prone to a vulnerability that could allow unauthorized access to files outside the FTP root. The issue exists due to a lack of sufficient sanitization performed on 'SITE urlget' requests. Directory traversal sequences may be passed as a parameter for this request.
This vulnerability allows a remote attacker to read files outside of the FTP document root directory. An attacker may read files with the privileges of the FTP server process.
This issue was reported to affect all versions of RaidenFTPD prior to 2.4.2241.
Exploit / POC
RaidenFTPD Unauthorized File Access Vulnerability
The following example exploit is available:
quote site urlget file://\..\\boot.ini
The following example exploit is available:
quote site urlget file://\..\\boot.ini
Solution / Fix
RaidenFTPD Unauthorized File Access Vulnerability
Solution:
The vendor has fixed this issue in RaidenFTPD 2.4.2241.
Raiden Professional Servers RaidenFTPD 2.4 .2240
Solution:
The vendor has fixed this issue in RaidenFTPD 2.4.2241.
Raiden Professional Servers RaidenFTPD 2.4 .2240
-
Raiden Professional Servers RaidenFTPD 2.4.2241
http://www.raidenmaild.com/download/raidenftpd2.exe
References
RaidenFTPD Unauthorized File Access Vulnerability
References:
References:
- [IMPORTANT NOTICE] Vulnerability in RaidenFTPD versions before 2.4.2241 (Raiden Professional Servers)
- RaidenFTPD Homepage (Raiden Professional Servers)