Some vulnerabilities have been discovered in Core FTP Server / SFTP Server, which can be exploited by malicious users to bypass certain security restrictions, disclose sensitive information, or potentially compromise a vulnerable system.
1) An input sanitation error exists in the FTP server when processing FTP commands. This can be exploited to list the content of arbitrary directories via directory traversal sequences (e.g. ".../").
2) An error when processing "mkdir" commands can be exploited to create directories residing outside a given user's home directory via directory traversal attacks.
3) A boundary error in the SFTP service when processing overly long file names can be exploited to cause a heap-based buffer overflow via a specially crafted e.g. "open" or "stat" command.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
The vulnerabilities are confirmed in version 1.0 build 347. Other versions may also be affected.
Solution: Restrict access to trusted users only.
Provided and/or discovered by: 1) John Leitch
2, 3) leinakesi
Original Advisory: 1) http://cross-site-scripting.blogspot.com/2010/05/core-ftp-server-10343-directory.html
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Core FTP Server / SFTP Server Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.