Exploit RaidenFTPd 2.4 - Unauthorized File Access

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
25486
Проверка EDB
  1. Пройдено
Автор
LACHLAN. H
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2005-1480
Дата публикации
2005-04-21
Код:
source: https://www.securityfocus.com/bid/13292/info

RaidenFTPD is prone to a vulnerability that could allow unauthorized access to files outside the FTP root. The issue exists due to a lack of sufficient sanitization performed on 'SITE urlget' requests. Directory traversal sequences may be passed as a parameter for this request.

This vulnerability allows a remote attacker to read files outside of the FTP document root directory. An attacker may read files with the privileges of the FTP server process.

This issue was reported to affect all versions of RaidenFTPD prior to 2.4.2241.

quote site urlget file://\..\\boot.ini
 
Источник
www.exploit-db.com

Похожие темы