glftpd privpath Directive Vulnerability

From the example posted to Bugtraq:

/Groups/Mygroup and you have a dir named 'test' there.
you can simply jump to it by typing
'chdir /Groups/Mygroup/t'
glftpd does not check if you have the proper rights to see the dir, it just hops in there without any problem. So if you try a-9 on the dirnames you can see all stuff inside a private dir, takes some time, but with a nice script it's not that hard... ;-)
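An added example, not glftpd source and not part of the Bugtraq post: a constructed Python model of abbreviated `chdir` that contrasts the missing rights check with one applied to the resolved directory. The directory tree, the rule format and every function name here are assumptions made for illustration.

```python
import posixpath

# Constructed sample data: a small directory tree and one privpath-style rule.
TREE = {
    "/": ["Groups"],
    "/Groups": ["Mygroup", "Other"],
    "/Groups/Mygroup": ["test"],
    "/Groups/Mygroup/test": [],
    "/Groups/Other": [],
}
# Assumed rule semantics: path prefix -> groups allowed to enter it.
PRIVPATH = {"/Groups/Mygroup": {"Mygroup"}}

def complete(path):
    """Expand each abbreviated component to the one directory it prefixes."""
    cur = "/"
    for part in posixpath.normpath(path).strip("/").split("/"):
        if not part:
            continue
        names = TREE.get(cur, [])
        hits = [part] if part in names else [n for n in names if n.startswith(part)]
        if len(hits) != 1:
            return None  # no match, or ambiguous abbreviation
        cur = posixpath.join(cur, hits[0])
    return cur

def allowed(path, groups):
    """Apply every rule whose prefix covers the resolved path."""
    for prefix, members in PRIVPATH.items():
        if path == prefix or path.startswith(prefix + "/"):
            if not (groups & members):
                return False
    return True

def chdir_flawed(path, groups):
    """Behaviour described in the post: the name is completed, rights are never consulted."""
    return complete(path)

def chdir_checked(path, groups):
    """Resolve first, then check rights on the resolved directory."""
    target = complete(path)
    if target is None or not allowed(target, groups):
        return None  # same answer for 'missing' and 'forbidden'
    return target
```

Returning the same result for a missing and a forbidden directory means a guessed prefix tells a non-member nothing about which names exist under the private path.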

Copyright 2010, SecurityFocus