CVE-2001-0293
CVSS5.0
发布时间 :2001-05-03 00:00:00
修订时间 :2008-09-05 16:23:45
NMCOES    

[原文]Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.


[CNNVD]Datawizards FtpXQ 目录遍历漏洞(CNNVD-200105-001)

        CVE(CAN) ID: CAN-2001-0293
        
        
        
        FtpQX 是为微软操作系统设计的 FTP 服务守护进程。它由
        
        Datawizard Technologies 发行和维护。
        
        
        
        该软件存在的一个问题使得可以访问受限资源。归咎于没有
        
        对输入作足够的检查,有可能访问 FTP 根目录之外文件。通
        
        过在 GET 请求中附加点,有可能穿过 FTP 根目录访问它的
        
        上层目录,检索已知的文件。
        
        
        
        这个漏洞使得恶意用户可以获取敏感信息,包括口令文件。
        
        
        
        <* 来源:joetesta (joetesta@hushmail.com) *>
        
        
        
        
        
        
        
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0293
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0293
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200105-001
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/2426
(VENDOR_ADVISORY)  BID  2426
http://archives.neohapsis.com/archives/bugtraq/2001-02/0508.html
(VENDOR_ADVISORY)  BUGTRAQ  20010228 Vulnerability in FtpXQ Server

- 漏洞信息

Datawizards FtpXQ 目录遍历漏洞
中危 输入验证
2001-05-03 00:00:00 2005-10-20 00:00:00
本地  
        CVE(CAN) ID: CAN-2001-0293
        
        
        
        FtpQX 是为微软操作系统设计的 FTP 服务守护进程。它由
        
        Datawizard Technologies 发行和维护。
        
        
        
        该软件存在的一个问题使得可以访问受限资源。归咎于没有
        
        对输入作足够的检查,有可能访问 FTP 根目录之外文件。通
        
        过在 GET 请求中附加点,有可能穿过 FTP 根目录访问它的
        
        上层目录,检索已知的文件。
        
        
        
        这个漏洞使得恶意用户可以获取敏感信息,包括口令文件。
        
        
        
        <* 来源:joetesta (joetesta@hushmail.com) *>
        
        
        
        
        
        
        
        

- 公告与补丁

        
        
        临时解决办法:
        
        
        
         CNNVD建议您换用别的替代产品。
        
        
        
        厂商补丁:
        
        
        
         暂无
        

- 漏洞信息 (20651)

Datawizards FtpXQ 2.0.93 Directory Traversal Vulnerability (EDBID:20651)
windows local
2001-02-28 Verified
0 joetesta
N/A [点击下载]
source: http://www.securityfocus.com/bid/2426/info

FtpQX is a ftp daemon designed to provide ftp services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies.

A problem in the software could allow access to restricted resources. Due to insufficient input checking, it is possible to retrieve files outside of the ftp root directory. By preappending dots to a GET request, it is possible to traverse directories above the ftp root directory, and retrieve any known file.

This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server. 

ftp> cd ..
ftp> get ../../autoexec.bat 		

- 漏洞信息

7705
FtpXQ FTP Server GET Command Traversal Arbitrary File Access
Remote / Network Access Information Disclosure, Input Manipulation
Loss of Confidentiality
Exploit Public

- 漏洞描述

- 时间线

2001-02-28 Unknow
2001-02-28 Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Datawizards FtpXQ Directory Traversal Vulnerability
Input Validation Error 2426
No Yes
2001-02-28 12:00:00 2009-07-11 04:46:00
This vulnerability was first announced to Bugtraq by joetesta@hushmail.com on February 28, 2001.

- 受影响的程序版本

DataWizard FtpXQ 2.0.93
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0

- 漏洞讨论

FtpQX is a ftp daemon designed to provide ftp services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies.

A problem in the software could allow access to restricted resources. Due to insufficient input checking, it is possible to retrieve files outside of the ftp root directory. By preappending dots to a GET request, it is possible to traverse directories above the ftp root directory, and retrieve any known file.

This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server.

- 漏洞利用

This exploit was contributed by joetesta@hushmail.com:

ftp&gt; cd ..
ftp&gt; get ../../autoexec.bat

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站