• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Broker FTP Server File Listing Vulnerability

A vulnerability in the Broker FTP Server for Windows NT and Windows 98 allow remote users to obtain directory listings above the FTP root directory.

Although most FTP commands implemented by the Broker FTP Server, such as CWD and RETR, check whether the file or directory requested falls outside the FTP document three and fail if they do, the commands LIST and NLST do not. This allows a remote user connected to the FTP server to issue commands such as "LIST ..\..\winnt\" and "NLST ..\..\winnt\" to view the contents of directories above the FTP root.