AceFTP Freeware和AceFTP Pro FTP客户端目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1115572 漏洞类型 路径遍历
发布时间 2008-06-27 更新时间 2008-11-20
CVE编号 CVE-2008-5175 CNNVD-ID CNNVD-200811-334
漏洞平台 Windows CVSS评分 9.3
|漏洞来源
https://www.exploit-db.com/exploits/31997
https://www.securityfocus.com/bid/29989
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200811-334
|漏洞详情
AceFTP是一个通过ftp协议进行文件传输的解决方案,包括服务器端程序和客户端程序。AceFTPFreeware和AceFTPPro中的FTP客户端中存在目录遍历漏洞。远程FTP服务器可以借助一个对LIST指令的反应的..来创建或重写任意文件。该漏洞与CVE-2002-1345有关。
|漏洞EXP
source: http://www.securityfocus.com/bid/29989/info

AceFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.

AceFTP Freeware 3.80.3 and AceFTP Freeware 3.80.3 are vulnerable; other versions may also be affected.

Response to LIST:

/../../../../../../../../../testfile.txt\r\n
|受影响的产品
Visicom Media AceFTP Pro 3.80.3 Visicom Media AceFTP Freeware 3.80.3
|参考资料

来源:XF
名称:aceftp-list-directory-traversal(43400)
链接:http://xforce.iss.net/xforce/xfdb/43400
来源:BID
名称:29989
链接:http://www.securityfocus.com/bid/29989
来源:VUPEN
名称:ADV-2008-1954
链接:http://www.frsirt.com/english/advisories/2008/1954/references
来源:MISC
链接:http://vuln.sg/aceftp3803-en.html
来源:SECUNIA
名称:30792
链接:http://secunia.com/advisories/30792