[30343] in bugtraq
Vulnerabilities In Pablo Software Solutions FTP Service 1.2
daemon@ATHENA.MIT.EDU (JeiAr)
Tue Jun 3 17:46:50 2003
Date: 3 Jun 2003 20:41:27 -0000
Message-ID: <20030603204127.22668.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: JeiAr <jeiar@kmfms.com>
To: bugtraq@securityfocus.com
Plaintext Password Vulnerability
------------------------------------
User info is stored in users.dat in plaintext. If the
anonymous account is present (it is by default) the
entire FTP server can be compromised
ftp://somewhere/program files/pablo's ftp service/users.dat
Default Anonymous Account
------------------------------------
The anonymous account is by default set to
have download access to anything in the C:\
directory. While this can be disabled by simply
deleting the anonymous account, it poses a
serious threat for anyone not aware of the problem.
ftp://somewhere/windows/repair/sam
In conclusion this application is totally open to
complete compromise by default. Vendor was notified
and plans on releasing a fix soon.
Credits
------------------------------------
Creits go to JeiAr of GulfTech Computers
and CSA Security Research Team
http://www.gulftech.org
