CVE-2001-0255
CVSS 5.0
Published: 2001-06-02 00:00:00
Last modified: 2016-10-17 22:10:21

[Original] FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.


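[CNNVD] Fastream FTP++ Directory Traversal Vulnerability (CNNVD-200106-044)

        FaSTream FTP++ Server 2.0 contains a vulnerability. A remote attacker can list arbitrary directories by using the "ls" command and including a drive letter name (e.g. C:) in the requested pathname.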

- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected Platforms and Products)

cpe:/a:fastream:fastream_ftp%2b%2b_server:2.0
cpe:/a:fastream:fastream_ftp_server:2.0beta_11

- OVAL (Technical Details for Detection)

No related OVAL definitions found

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0255
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0255
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200106-044
(Official data source) CNNVD

- Other Links and Resources

http://marc.info/?l=bugtraq&m=98021181215325&w=2
(UNKNOWN)  BUGTRAQ  20010119 Multiple Vulnerabilities In FaSTream FTP++ (+ ICS Tftpserver DoS)
http://www.securityfocus.com/bid/2267
(VENDOR_ADVISORY)  BID  2267
http://xforce.iss.net/static/5977.php
(VENDOR_ADVISORY)  XF  fastream-ftp-path-disclosure

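- Vulnerability Information

Fastream FTP++ Directory Traversal Vulnerability
Medium risk  Input validation
2001-06-02 00:00:00 2006-09-05 00:00:00
Remote / Local
        FaSTream FTP++ Server 2.0 contains a vulnerability. A remote attacker can list arbitrary directories by using the "ls" command and including a drive letter name (e.g. C:) in the requested pathname.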

- Advisories and Patches

        This issue will be addressed in Fastream FTP++Server 2.0beta 12. The release date is not yet known.

- Vulnerability Information (20584)

Fastream FTP++ 2.0 Directory Traversal Vulnerability (EDBID:20584)
windows remote
2001-01-22 Verified
0 SNS Research
source: http://www.securityfocus.com/bid/2267/info

It is possible for a remote user to gain read permissions outside of the Fastream FTP++ Server directory. By requesting an 'ls' command along with the drive name, Fastream FTP++ will disclose the contents of the requested drive.

ftp> pwd
257 "/C:/FTPROOT/" is current directory.
ftp> ls c:/
200 Port command successful.
150 Opening data connection for directory list.

(listing of c:\) 		

- Vulnerability Information

12103
Fastream FTP++ Server Malformed ls Command Arbitrary Directory Listing
Remote / Network Access Race Condition
Loss of Confidentiality
Exploit Public

- Vulnerability Description

Fastream FTP++ Server contains a flaw that may lead to unauthorized file access. The issue is triggered when a remote attacker uses the "ls" command and includes the drive letter in the requested path name, which allows the attacker to list directories outside of the Fastream FTP++ Server directory, resulting in a loss of confidentiality.

- Timeline

2001-01-19 Unknown
2001-01-19 Unknown

- Solution

Upgrade to version 2.0 Beta 10 Build 3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

Fastream FTP++ Directory Traversal Vulnerability
Input Validation Error 2267
Yes Yes
2001-01-22 12:00:00 2009-07-11 04:46:00
Discovered and posted to Bugtraq by SNS Research <vulndev@greyhack.com> on Jan 22, 2001.

- Affected Software Versions

Fastream FTP++Server 2.0
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Fastream FTP Server 2.0 beta 11
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0

- Vulnerability Discussion

It is possible for a remote user to gain read permissions outside of the Fastream FTP++ Server directory. By requesting an 'ls' command along with the drive name, Fastream FTP++ will disclose the contents of the requested drive.

- Exploit

The following example has been provided by SNS Research <vuln-dev@greyhack.com>:

ftp> pwd
257 "/C:/FTPROOT/" is current directory.
ftp> ls c:/
200 Port command successful.
150 Opening data connection for directory list.

(listing of c:\)

- Solution

This issue will be addressed in Fastream FTP++Server 2.0beta 12. The release date is not yet known.

- Related References

 

 
