Test Kennung:	1.3.6.1.4.1.25623.1.0.900260
Kategorie:	FTP
Titel:	Home FTp Server DOS And Multiple Directory Traversal Vulnerabilities
Zusammenfassung:	Home Ftp Server is prone to Denial of Service and Directory Traversal Vulnerabilities using invalid commands.
Beschreibung:	Summary: Home Ftp Server is prone to Denial of Service and Directory Traversal Vulnerabilities using invalid commands. Vulnerability Insight: - An error in the handling of multiple 'SITE INDEX' commands can be exploited to stop the server. - An input validation error when handling the MKD FTP command can be exploited to create directories outside the FTP root or create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. Vulnerability Impact: Successful exploitation will allow attackers to cause a Denial of Service or directory traversal attacks on the affected application. Affected Software/OS: Home FTP Server version 1.10.1.139 and prior. Solution: Upgrade to Home FTP Server version 1.10.3.144 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4051 BugTraq ID: 37033 http://www.securityfocus.com/bid/37033 Bugtraq: 20091116 Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability (Google Search) http://www.securityfocus.com/archive/1/507893/100/0/threaded http://secunia.com/advisories/37381 http://www.vupen.com/english/advisories/2009/3269 Common Vulnerability Exposure (CVE) ID: CVE-2009-4053
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.