Date:      Wed, 14 Feb 2007 17:09:32 GMT
From:      Ahsan Khan<ahsank@jahil.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/109168: ftpd shows full system files when using FTP with IE7
Message-ID:  <200702141709.l1EH9WQN056338@www.freebsd.org>
Resent-Message-ID: <200702141710.l1EHAILP036411@freefall.freebsd.org>


>Number:         109168
>Category:       misc
>Synopsis:       ftpd shows full system files when using FTP with IE7
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 14 17:10:18 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Ahsan Khan
>Release:        4.9-RELEASE FreeBSD 4.9-RELEASE #0
>Organization:
NA
>Environment:
FreeBSD xxxxxxxxx 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Sun Oct 31 11:32:31 EST 2004     root@xxxxxxxx:/usr/src/sys/compile/jahil  i386
>Description:
When using the FTP feature of the browser on IE7, the browser shows the file listing of / and one can then drill down to any other folder, including etc and bin, can read any file, can download anything. System security is fully compromised.


>How-To-Repeat:
Install IE7 on XP or Vista and open FTP using /etc/inetd.conf, then simply do the FTP using any account; I have tried accounts with bash shell and it will show you the root of the file system instead of the user home folder.

These folders are not chroot, so in theory users can go up one level and get to other folders anyway.
>Fix:
not known yet
>Release-Note:
>Audit-Trail:
>Unformatted:
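The report's core point is that the accounts are not chrooted, so IE7 merely exposes what any FTP client could reach. The POSIX sh audit below is an added example, not part of this submission or of FreeBSD; it lists login accounts that ftpd would not confine according to ftpchroot(5), assuming that file's syntax (a user name or @group per line, optional directory, '#' comments) and constructed sample passwd/group/ftpchroot files.

```shell
# Audit helper added to this report (not part of the submission or of FreeBSD):
# lists login accounts that FreeBSD ftpd would not confine, i.e. users that
# neither appear in ftpchroot(5) themselves nor belong to a listed @group.
# Assumes ftpchroot(5) syntax: "user" or "@group" per line, optional directory
# after whitespace, '#' comments; group membership is taken from the group
# file's member list or from the user's primary gid in the passwd file.

# ftpchroot_covers USER GID GROUP_FILE FTPCHROOT_FILE -> exit 0 if confined
ftpchroot_covers() {
    user=$1; gid=$2; group_file=$3; chroot_file=$4
    sed 's/#.*//' "$chroot_file" | awk 'NF { print $1 }' | while read -r entry; do
        case "$entry" in
            @*) group=${entry#@}
                # primary gid match, or explicit membership in the group file
                awk -F: -v g="$group" -v u="$user" -v gid="$gid" '
                    $1 == g && ($3 == gid || index("," $4 ",", "," u ",") > 0) { hit = 1 }
                    END { exit hit ? 0 : 1 }' "$group_file" && echo found ;;
            *)  [ "$entry" = "$user" ] && echo found ;;
        esac
    done | grep -q found
}

# unchrooted_ftp_users PASSWD_FILE GROUP_FILE FTPCHROOT_FILE -> one account per line
unchrooted_ftp_users() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        # skip system accounts and accounts that cannot log in at all
        [ "$uid" -ge 1000 ] || continue
        case "$shell" in */nologin|"") continue ;; esac
        ftpchroot_covers "$user" "$gid" "$2" "$3" || printf '%s\n' "$user"
    done < "$1"
}

# Demo on constructed sample files (not real system data): only bob is
# unconfined; alice is listed, carol via primary group, dave via membership.
demo_audit() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:*:0:0:Charlie &:/root:/bin/csh' \
        'alice:*:1001:1001:Alice:/home/alice:/usr/local/bin/bash' \
        'bob:*:1002:1002:Bob:/home/bob:/usr/local/bin/bash' \
        'carol:*:1003:2000:Carol:/home/carol:/bin/sh' \
        'dave:*:1004:1004:Dave:/home/dave:/bin/sh' \
        'svc:*:1005:1005:Service:/nonexistent:/usr/sbin/nologin' > "$tmp/passwd"
    printf '%s\n' 'wheel:*:0:root' 'ftponly:*:2000:' 'staff:*:20:dave' > "$tmp/group"
    printf '%s\n' '# confine these accounts' 'alice /home/alice' '@ftponly' '@staff' > "$tmp/ftpchroot"
    unchrooted_ftp_users "$tmp/passwd" "$tmp/group" "$tmp/ftpchroot"
    rm -rf "$tmp"
}
```

On a real host, run `unchrooted_ftp_users /etc/passwd /etc/group /etc/ftpchroot` and add any printed account (or its group) to ftpchroot, or deny it in /etc/ftpusers.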