Received notification from vendor that vulnerability was fixed in version 1.11. ![]() Received reply that the release date of the fixed version is still unknown. Received reply from vendor that developers have been informed, but no ETA yet. Classic FTP has a compare directories feature, which allows users to check the difference between local files and remote ones. For non-commercial users, it is pretty simple to use. Vulnerability details sent to vendor again via online form (no reply). Classic FTP is available for free only for non-commercial use, so you are out of luck here. Vulnerability details sent to vendor via online form (no reply). Update to version 1.11, which fixes this vulnerability. Hence, by tricking a user to download a directory from a malicious FTP server, an attacker can potentially leverage this issue to write files into a user's Startup folder and execute arbitrary code when the user logs on. Now, if you attempt to download the /testdir directory into C:\aaaa\bbbb\cccc\etc, you'll notice that testfile.txt will be written into C:\ instead of into C:\aaaa\bbbb\cccc\etc\testdir\testfile.txt.If you traverse into that directory you'll see a file ( testfile.txt) with directory traversal characters in its filename (see below).You'll see a directory named /testdir on the POC FTP server (see below).Use Classic FTP to connect to the POC FTP server.Ensure that Classic FTP is configured to use Passive mode. ![]() Go to the command prompt and run ClassicFTPPOC.exe or ClassicFTPPOC-forward.exe on a system.ClassicFTPPOC.exe sends filenames with backslash directory traversal characters, whereas ClassicFTPPOC-forward.exe sends filenames with forward-slash traversal characters.ClassicFTPPOC.exe and ClassicFTPPOC-forward.exe are POC FTP servers that will send filenames with directory traversal characters in response to LIST commands.This gives ClassicFTPPOC.exe and ClassicFTPPOC-forward.exe.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |