FtpQX Directory Traversal Vulnerability

vendor:

FtpQX

by:

SecurityFocus

7.5

CVSS

HIGH

Directory Traversal

CWE

Product Name: FtpQX

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: a:datawizard_technologies:ftpqx

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Microsoft Operating Systems

2002

FtpQX Directory Traversal Vulnerability

FtpQX is a ftp daemon designed to provide ftp services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies. A problem in the software could allow access to restricted resources. Due to insufficient input checking, it is possible to retrieve files outside of the ftp root directory. By preappending dots to a GET request, it is possible to traverse directories above the ftp root directory, and retrieve any known file. This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server.

Mitigation:

Ensure that all input is properly validated and sanitized before being used in any file system operations.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2426/info

FtpQX is a ftp daemon designed to provide ftp services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies.

A problem in the software could allow access to restricted resources. Due to insufficient input checking, it is possible to retrieve files outside of the ftp root directory. By preappending dots to a GET request, it is possible to traverse directories above the ftp root directory, and retrieve any known file.

This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server. 

ftp> cd ..
ftp> get ../../autoexec.bat