
Category:   Application (File Transfer/Sharing)  >   Smallftpd Vendors:
Smallftpd Discloses Files on the System to Remote Users
SecurityTracker Alert ID:  1006685
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 30 2003
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information
Exploit Included:  Yes  
Version(s): 1.0.2 and prior versions
Description:   A vulnerability was reported in Smallftpd. A remote user can view files on the server that are located outside of the FTP root directory.

It is reported that a remote authenticated user, including an anonymous user, can generate a CWD command with directory traversal characters ".." to view files located outside of the FTP document directory.

A demonstration exploit is provided:

CWD \..\..

It is also reported that version 0.99 allows remote users to send "%s %s" as the login name to cause the FTP service to crash. A remote authenticated user can also trigger a buffer overflow by issuing a command with more than 280 characters, causing the service to crash.
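
A containment check for the CWD traversal described above, as an added example (not Smallftpd's code and not part of the advisory): the server tracks the client's directory as components below the FTP root and refuses any ".." that would climb past it. The root `C:\ftproot`, the function names and the 550 reply text are assumptions.

```python
import ntpath  # Windows path rules; pure string operations, runs on any OS

FTP_ROOT = r"C:\ftproot"  # assumed export directory (hypothetical)


class TraversalError(ValueError):
    """The CWD argument would leave the FTP root."""


def resolve_cwd(current, arg, ftp_root=FTP_ROOT):
    """Apply a CWD argument to the client's virtual directory.

    current: list of components below the FTP root, e.g. ["pub", "docs"]
    Returns (new_components, real_path) or raises TraversalError.
    """
    if any(ord(c) < 32 for c in arg):
        raise TraversalError("control character in path")
    # Both separators are path separators on Windows; a leading one means
    # "start from the virtual root", not from the drive root.
    unified = arg.replace("/", "\\")
    parts = [] if unified.startswith("\\") else list(current)
    for comp in unified.split("\\"):
        if comp in ("", "."):
            continue
        if comp == "..":
            if not parts:  # would climb above the FTP root
                raise TraversalError("path escapes FTP root")
            parts.pop()
            continue
        # Drive letters and alternate data streams use ':'; Windows also drops
        # trailing dots and spaces, so ".. " could turn into "..".
        if ":" in comp or comp[-1] in ". ":
            raise TraversalError("illegal path component")
        parts.append(comp)
    # Defence in depth: the normalized real path must still sit under the root.
    root = ntpath.normpath(ftp_root)
    real = ntpath.normpath(ntpath.join(root, *parts))
    if ntpath.normcase(ntpath.commonpath([root, real])) != ntpath.normcase(root):
        raise TraversalError("path escapes FTP root")
    return parts, real


def handle_cwd(current, arg):
    """Return (reply_line, new_components) as an FTP server would answer."""
    try:
        parts, _ = resolve_cwd(current, arg)
    except TraversalError:
        return "550 Requested action not taken.", list(current)
    return "250 CWD command successful.", parts
```

This is a string-level check only; a server that exports directories containing junctions or symbolic links also needs to resolve the real path on disk before comparing it with the root.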

Impact:   A remote authenticated user (including an anonymous user) can view files on the system that are located outside of the FTP document directory.

On previous versions (0.99), a remote authenticated user can cause the system to crash.

Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Boundary error, Input validation error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Date:  Wed, 30 Apr 2003 12:05:27 +0200
Subject:  smallftpd's version 1.0.2 Directory Transversal Vulnerability

Smallftpd is a simple and small FTP server for Windows. A vulnerability 
exists in smallftpd v 1.02( that allows 
unauthorized users to browse the root directories and skip access list.

CWD \..\..
250 CWD command successful.

Also smallftpd v0.99 available to download at too 
has multiple vulnerabilities.

Denial of service: just type "%s %s" as login and the FTP server will crash.
Buffer overflows when a command has length >280 chars. Example: cd 

These bugs seem to be patched in the latest version.

at4r [at] Security 2003


