OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: ByteRage (byterageyahoo.com)
Date: Mon Jul 02 2001 - 09:23:53 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    BisonFTP Server V4R1 *.bdl upload Directory Traversal
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    AFFECTED SYSTEMS

    Bison FTP Server V4R1

    DESCRIPTION

    BisonFTP Server V4R1 allows any user to upload *.bdl
    (a file format invented to make links to directories)
    :

    PUT \local.bdl remote.bdl

    (We don't even need to append a dot, we can just
    upload it)

    If we create a *.bdl pointing to the harddrive's root
    (using our own copy of BisonFTP Server) and we CD to
    that link, we can browse the entire drive and we have
    the same rights as we have in our homedirectory + we
    can dive into subdirs whilst keeping the same rights.

    IMPACT
    users with write permissions can traverse directories,
    by uploading a bdl file pointing to the desired
    (root)directory

    VENDOR STATUS

    I have sent this advisory to infobisonftp.com

    =======================================================
    [ByteRage] byterageyahoo.com [www.byterage.cjb.net]
    =======================================================

    __________________________________________________
    Do You Yahoo!?
    Get personalized email addresses from Yahoo! Mail
    http://personal.mail.yahoo.com/