GEN:SID | 1:1992 |
Message | FTP LIST directory traversal attempt |
Summary | This event is generated when an attempt is made to list directories outside the ftp root directory.
|
Impact | Information disclosure. This is a directory traversal attempt which can lead to information disclosure and possible exposure of sensitive system information.
|
Detailed Information | Some versions of the QVT FTP server from QPC Software allows browsing the directory structure of a host using a directory traversal technique.
|
Affected Systems | QPC Software QVT/Net 4.0 for Windows NT, 2000 and 9x QPC Software QVT/Term 5.0 for Windows NT, 2000 and 9x Other FTP servers may be vulnerable
|
Attack Scenarios | An authorized user or anonymous user can use the directory traversal technique, to browse folders outside the ftp root directory. Information gathered may be used in further attacks against the host.
|
Ease of Attack | Simple. No exploit software required.
|
Corrective Action | Apply the appropriate vendor supplied patches
Upgrade the software to the latest non-affected version.
|
Additional References | |
Rule References | bugtraq: 2618
cve: 2001-0680
cve: 2002-1054
nessus: 11112
|