header-logo
Suggest Exploit
vendor:
Secure FTP
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Secure FTP
Affected Version From: 2.5.15
Affected Version To: 2.5.15
Patch Exists: YES
Related CWE: N/A
CPE: a:glub_tech:secure_ftp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows
2008

Glub Tech Secure FTP Directory Traversal Vulnerability

Glub Tech Secure FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/29741/info

Glub Tech Secure FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client.

Exploiting these issues will allow an attacker to write arbitrary files to locations outside of the application's current directory. This could help the attacker launch further attacks.

Secure FTP 2.5.15 for Microsoft Windows is vulnerable; other versions may also be affected.

Response to LIST:

\..\..\..\..\..\..\..\..\..\testfile.txt\r\n

Navigation

Suggest Exploit

Services By CQR