Message-ID: <twig.1124895597.73569@autistici.org>
Date: Wed, 24 Aug 2005 14:59:57 -0000
From: "Donato Ferrante" <fdonato@...istici.org>
To: <bugtraq@...urityfocus.com>, <vuln@...unia.com>,
<full-disclosure@...ts.grok.org.uk>, <bugs@...uritytracker.com>,
<news@...uriteam.com>
Subject: (no subject)
Donato Ferrante
Application: Home Ftp Server
http://downstairs.dnsalias.net/homeserver.html
Version: 1.0.7 b45
Bugs: Multiple Vulnerabilities
Date: 24-Aug-2005
Author: Donato Ferrante
e-mail: fdonato@...istici.org
web: www.autistici.org/fdonato
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1. Description
2. The bugs
3. The code
4. The fix
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
----------------
1. Description:
----------------
Vendor's Description:
"Home ftp server is a very easy to use Windows FTP server application
with all the nice ftp features included."
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
2. The bugs:
-------------
i. Information Disclosure: by default the program stores user
information ("ftpmembers.lst") and FTP server settings
("ftpsettings.lst") in the program's directory, which is also the
default users' home directory.
Note that ftpmembers.lst and ftpsettings.lst are stored in clear text,
so a malicious user, once logged in, can read the server settings and
the users' information directly from the home directory.
ii. Directory Traversal: the program allows users to see and/or
download (if "Allow download files" is enabled) all the files
available on the remote system, not only those under the FTP root.
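The two server-side checks that would have closed these bugs, written here as an added example for this advisory (it is neither the author's PoC nor the vendor's code; file names come from the advisory, the root path and listing are constructed):

```python
import os

# Files the advisory says the server keeps in clear text inside its
# program directory, which doubles as the default FTP home.
SENSITIVE_FILES = {"ftpmembers.lst", "ftpsettings.lst"}


def virtual_path(cwd: str, requested: str) -> str:
    """Resolve an FTP-side path against the virtual root "/".

    `cwd` is assumed to be an already-resolved virtual path (e.g. "/pub").
    "/" and "\\" are both separators because a Windows server accepts
    either. Raises PermissionError if a ".." would climb above "/".
    """
    requested = requested.replace("\\", "/")
    parts = [] if requested.startswith("/") else [p for p in cwd.split("/") if p]
    for part in requested.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            if not parts:  # one ".." too many: this is the traversal
                raise PermissionError(f"path escapes FTP root: {requested!r}")
            parts.pop()
        else:
            parts.append(part)
    return "/" + "/".join(parts)


def to_fs_path(root: str, vpath: str) -> str:
    """Map a resolved virtual path onto the filesystem under `root`.

    Second line of defence: re-check with realpath/commonpath so that
    symlinks or an odd `root` cannot point outside the served tree.
    """
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, *[p for p in vpath.split("/") if p]))
    if os.path.commonpath([root_real, target]) != root_real:
        raise PermissionError(f"{target} lies outside {root_real}")
    return target


def exposed_config_files(root_listing):
    """Return clear-text config files that sit in the served root.

    Any hit means an authenticated user can download credentials and
    settings; the remedy is to keep these files outside the FTP tree.
    """
    return sorted(n for n in root_listing if n.lower() in SENSITIVE_FILES)


if __name__ == "__main__":
    listing = ["ftpmembers.lst", "FtpSettings.lst", "pub", "readme.txt"]  # constructed
    print("exposed in root:", exposed_config_files(listing))
    print(virtual_path("/pub", "..\\ftpsettings.lst"))  # inside root: bug i, not traversal
```

Note that `virtual_path("/pub", "../ftpsettings.lst")` is legitimately inside the root, which is why bug i cannot be fixed by path checking alone.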
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-------------
3. The code:
-------------
www.autistici.org/fdonato/poc/HomeFtpServer107b45_MV_poc.py
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
------------
4. The fix:
------------
No fix.
No reply from vendor.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx