(Vendor Issues Fix) Re: BisonFTP Server Discloses Files on the Server's Disk to Remote Users That Have Write Access on the FTP Server
SecurityTracker Alert ID: 1002172
SecurityTracker URL: http://securitytracker.com/id/1002172
CVE Reference:
GENERIC-MAP-NOMATCH
Date: Aug 10 2001
Impact:
Disclosure of system information, Disclosure of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): V4R1
Description:
ByteRage reported a vulnerability in BisonFTP server that allows remote users with write access to the FTP server to obtain files located anywhere on the same drive that the server application is installed on.
A remote user that has write access to the FTP server (including anonymous write access) can upload a *.bdl directory link file. When the remote user changes directory (CD) to that *.bdl file, the FTP server will change to the directory specified in the link file.
The remote user can use this method to browse the entire drive with the same rights as are assigned to the user's home directory.
The vendor has reportedly been notified.
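The weakness described above is a directory-link target that is honoured without being confined to the user's home directory. The following Python function is an added illustration of the containment check a server should apply when resolving such a link; it is not BisonFTP's code, and since the advisory does not document the *.bdl format, it assumes the link file holds a single target path on its first line.

```python
import os
import tempfile


def resolve_link_target(link_path: str, user_root: str) -> str:
    """Read a directory-link file and return its canonical target,
    refusing any target that lands outside user_root."""
    # Assumption (not stated in the advisory): the link file holds one path line.
    with open(link_path, encoding="utf-8") as fh:
        raw_target = fh.readline().strip()
    root = os.path.realpath(user_root)
    # Relative targets are taken relative to the directory holding the link file.
    base = os.path.dirname(os.path.realpath(link_path))
    target = os.path.realpath(os.path.join(base, raw_target))
    try:
        inside = os.path.commonpath([root, target]) == root
    except ValueError:
        # Different drives on Windows: certainly outside the user's root.
        inside = False
    if not inside:
        raise PermissionError(f"link target {target!r} escapes {root!r}")
    return target


def demo() -> dict:
    """Constructed user home: one link that stays inside it, one that
    points at the parent directory and must be rejected."""
    home = tempfile.mkdtemp()
    os.makedirs(os.path.join(home, "pub"))
    with open(os.path.join(home, "pub.bdl"), "w", encoding="utf-8") as fh:
        fh.write("pub\n")
    with open(os.path.join(home, "escape.bdl"), "w", encoding="utf-8") as fh:
        fh.write(os.path.dirname(home) + "\n")  # parent of the home directory
    allowed = resolve_link_target(os.path.join(home, "pub.bdl"), home)
    try:
        resolve_link_target(os.path.join(home, "escape.bdl"), home)
        blocked = False
    except PermissionError:
        blocked = True
    return {
        "allowed": allowed == os.path.realpath(os.path.join(home, "pub")),
        "blocked": blocked,
    }


if __name__ == "__main__":
    print(demo())
```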
Impact:
A remote user with write permissions on the FTP server can traverse the drive that the FTP server is installed on and can retrieve files.
Solution:
The vendor has issued a fix. The vendor notes that the fix was released on the same day that the original vulnerability was reported. The fix is available at: http://www.bisonftp.com
Vendor URL: www.bisonftp.com/index.htm
Cause:
Access control error, Input validation error
Underlying OS:
Windows (Me), Windows (NT), Windows (95), Windows (98), Windows (2000)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Fri, 10 Aug 2001 09:10:35 -0400
Subject: BisonFTP Vulnerability
From: BisonFTP Support
The BisonFTP server problem that you have on your site was fixed on the
same day as your post of the problem. The fix is available from
www.bisonftp.com