Vulnerabilities > CVE-2001-0491 - Unspecified vulnerability in Team Johnlong Raidenftpd 2.1Build947

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
team-johnlong
nessus
exploit available
NVD
Published: 2001-06-27
Updated: 2024-11-20

Summary

Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST.

Vulnerable Configurations

Part Description Count
Application
Team_Johnlong
1

Exploit-Db

descriptionRaidenFTPD 2.1 Directory Traversal Vulnerability. CVE-2001-0491. Remote exploit for windows platform
idEDB-ID:20803
last seen2016-02-02
modified2001-04-25
published2001-04-25
reporterjoetesta
sourcehttps://www.exploit-db.com/download/20803/
titleraidenftpd 2.1 - Directory Traversal Vulnerability

Nessus

NASL familyFTP
NASL idRAIDENFTPD_DIR_TRAVERSAL.NASL
descriptionThe remote host is running the RaidenFTPD FTP server. This version has a directory traversal vulnerability. An authenticated attacker could exploit this to read and write arbitrary files outside of the intended FTP root.
last seen2020-06-01
modified2020-06-02
plugin id18224
published2005-05-11
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18224
titleRaidenFTPD Multiple Command Traversal Arbitrary File Access
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(18224);
 script_version("1.13");

 script_cve_id("CVE-2001-0491");
 script_bugtraq_id(2655);

 script_name(english:"RaidenFTPD Multiple Command Traversal Arbitrary File Access");

 script_set_attribute(
   attribute:"synopsis",
   value:"The remote FTP server has a directory traversal vulnerability."
 );
 script_set_attribute(
   attribute:"description",
   value:
"The remote host is running the RaidenFTPD FTP server.  This version
has a directory traversal vulnerability.  An authenticated attacker
could exploit this to read and write arbitrary files outside of the
intended FTP root."
 );
 script_set_attribute(
   attribute:"solution",
   value:"Upgrade to RaidenFTPD 2.1 build 952 or later."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "2005/05/11");
 script_set_attribute(attribute:"vuln_publication_date", value: "2001/04/26");
 script_cvs_date("Date: 2018/07/25 18:58:04");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();
 
 summary["english"] = "Detects RaidenFTPD Directory Traversal";
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
  
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"FTP");
 script_dependencie("ftp_anonymous.nasl", "ftpserver_detect_type_nd_version.nasl");
 script_require_keys("ftp/login");
 script_require_ports("Services/ftp", 21);
 
 exit(0);
}

#
# The script code starts here
#

include("misc_func.inc");
include("ftp_func.inc");

port = get_ftp_port(default: 21);

login = get_kb_item_or_exit("ftp/login");
password = get_kb_item_or_exit("ftp/password");

 banner = get_ftp_banner(port: port);
 if ( ! banner ) exit(0);
 if (!egrep(pattern:".*RaidenFTPD.*", string:banner))exit(0);
soc = open_sock_tcp(port);
if (! soc) exit(1);
	ftp_recv_line(socket:soc);
       if(ftp_authenticate(socket:soc, user:login, pass:password))
	      {
   		s = string("GET ....\....\autoexec.bat\r\n");
   		send(socket:soc, data:s);
   		r = ftp_recv_line(socket:soc);
		if ("150 Sending " >< r) security_warning(port);
	      }
       close(soc);

exit(0);

References