================================================================
BluePanda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC12
05/09/2000 (dd/mm/yyyy)

bluepanda@dwarf.box.sk
http://bluepanda.box.sk/
================================================================

Problem: "Magic cookie" %C divulges sensitive information.

Vulnerable: WFTPD/WFTPD Pro 2.41 RC12, and prior.
Immune: WFTPD/WFTPD Pro 2.41 RC13.
Vendor status: Notified. A fix has been released.

==========
Details:
==========

Use of the "magic cookie" %C reveals the full path of the current
directory, i.e.:

C:\>nc panda 21
220 WFTPD 2.4 service (by Texas Imperial Software) ready for new user
user anonymous
331-Anonymous user access allowed - please enter your email
331-address as the password:
331 Give me your password, please
pass
230 Logged in successfully
%C
500 Unidentified command D:\FTPROOT\
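
Added example (not from the advisory and not WFTPD code): a Python model of how a reply like the one in the transcript can arise, next to a corrected reply builder and a path-leak check usable as a regression test. The advisory does not state the cause; the model assumes the server runs cookie expansion over the whole 500 reply, client text included, and every function name here is hypothetical.

```python
import re

# Constructed session state; the path mirrors the advisory's transcript.
SESSION = {"cwd": "D:\\FTPROOT\\"}

# Only %C (current directory) is modelled in this sketch.
COOKIES = {"%C": lambda session: session["cwd"]}


def expand_cookies(text, session):
    """Replace each known magic cookie in text with its session value."""
    for cookie, resolve in COOKIES.items():
        text = text.replace(cookie, resolve(session))
    return text


def reply_unknown_vulnerable(command, session):
    # Assumed flaw: client text is merged into the reply BEFORE expansion,
    # so a cookie typed by the client is expanded like an operator's.
    return expand_cookies("500 Unidentified command " + command, session)


def reply_unknown_hardened(command, session,
                           template="500 Unidentified command"):
    # Expand cookies only in the operator-supplied template, then append
    # the client text verbatim, stripped of control characters and capped.
    safe = re.sub(r"[\x00-\x1f]", "", command)[:64]
    return expand_cookies(template, session) + " " + safe


# Drive-letter or UNC prefix: a sign that a reply exposes a local path.
LOCAL_PATH = re.compile(r"(?:[A-Za-z]:\\|\\\\[^\\\s]+\\)")


def leaks_local_path(reply):
    """True if a server reply contains an absolute Windows or UNC path."""
    return bool(LOCAL_PATH.search(reply))


if __name__ == "__main__":
    for build in (reply_unknown_vulnerable, reply_unknown_hardened):
        reply = build("%C", SESSION)
        print(build.__name__, "->", reply, "| leak:", leaks_local_path(reply))
```
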