Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
BID:21174
Info
Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
| Bugtraq ID: | 21174 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 18 2006 12:00AM |
| Updated: | Nov 22 2006 09:40PM |
| Credit: | Greg Linares is credited with the discovery of this issue. |
| Vulnerable: |
Conti FTP Conti FTP 1.0 |
| Not Vulnerable: | |
Discussion
Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
Conti FTP is prone to an insecure-default-accounts vulnerability and a directory-traversal vulnerability.
An attacker could exploit these issues to access or modify arbitrary files on the affected computer. This may result in the compromise of the computer; other attacks are possible.
Conti FTP 1.0 is vulnerable; other versions may also be affected.
Conti FTP is prone to an insecure-default-accounts vulnerability and a directory-traversal vulnerability.
An attacker could exploit these issues to access or modify arbitrary files on the affected computer. This may result in the compromise of the computer; other attacks are possible.
Conti FTP 1.0 is vulnerable; other versions may also be affected.
Exploit / POC
Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
To exploit these issues, an attacker can use readily available FTP clients to connect to the server.
To exploit these issues, an attacker can use readily available FTP clients to connect to the server.
Solution / Fix
Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Conti FTP Insecure Default Accounts and Directory Traversal Vulnerabilities
References:
References:
- Homepage (Conti Software)