Reported February 13, 2002, by SNS Research.
VERSION AFFECTED
-
Cooolsoft PowerFTP Server 2.10 for Windows
DESCRIPTION
Several vulnerabilities exist in Cooolsoft’s PowerFTP
2.10 for Windows. The first vulnerability lets an attacker traverse the user
directory by either a direct-path request (such as DIR C:\) or double-dot
notation (such as DIR \..\*.*) and permits access to any file on the system. A
second vulnerability results from the way the system stores all account
information unencrypted in the ftpserver.ini file. Access to this file through
the directory traversal vulnerability gives an intruder elevated privileges on
the system. A third vulnerability involves a Denial of Service (DoS) attack
condition created when the server receives a string of 2050 or more bytes.
VENDOR RESPONSE
The vendor, Cooolsoft, has been notified but hasn't issued a patch.
CREDIT
Discovered by SNS
Research.