Vulnerability Note VU#110803

CrushFTP Server does not adequately filter user input thereby permitting directory traversal

Original Release date: 20 Dec 2001 | Last revised: 20 Dec 2001

Overview

CrushFTP allows access to files outside the FTP root directory through directory traversal.

Description

CrushFTP is a Java-based FTP server available for Linux, Mac OS, and Windows. CrushFTP can be configured to limit access to files under a designated FTP root directory. However, CrushFTP does not adequately filter or canonicalize client-supplied paths, so an attacker can retrieve files outside this directory by embedding '../' sequences in a requested path (directory traversal).
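The traversal described above, as an added example that is not part of the original note and not CrushFTP's own code: a hypothetical inadequate filter that only rejects requests beginning with '../' sits beside a hardened resolver that normalizes the request relative to the FTP root and accepts it only if the result stays beneath that root. The root /srv/ftp, the function names and the sample requests are constructed for illustration; the symlink scenario creates its own temporary directory so it runs offline.

```python
import os
import posixpath
import tempfile

# Constructed FTP root for the example; not CrushFTP's real configuration.
FTP_ROOT = "/srv/ftp"


def naive_resolve(root, requested):
    """An inadequate filter (hypothetical, not CrushFTP's actual logic): it
    rejects requests that *start* with '../' or '/', but never normalises the
    path, so 'pub/../../../etc/passwd' goes straight to the filesystem."""
    if requested.startswith("../") or requested.startswith("/"):
        return None
    return posixpath.join(root, requested)


def safe_resolve(root, requested):
    """Lexically confine a client-supplied path to root.

    Every request is treated as relative to root, separators are unified,
    '.' and '..' are collapsed, and the result is accepted only if it is
    root itself or lies strictly beneath root.  The trailing '/' in the
    prefix test stops '/srv/ftp2/x' from matching a root of '/srv/ftp'."""
    if "\0" in requested:                       # NUL would truncate the path in C APIs
        return None
    requested = requested.replace("\\", "/")    # a Windows server treats '\' as a separator too
    root = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root, requested.lstrip("/")))
    if candidate == root or candidate.startswith(root + "/"):
        return candidate
    return None


def safe_resolve_on_disk(root, requested):
    """Same containment test, but after resolving symlinks on a real
    filesystem with os.path.realpath, so a link inside root that points
    outside it is caught as well."""
    lexical = safe_resolve(root, requested)
    if lexical is None:
        return None
    real_root = os.path.realpath(root)
    real_candidate = os.path.realpath(lexical)
    if real_candidate == real_root or real_candidate.startswith(real_root + os.sep):
        return real_candidate
    return None


def symlink_escape_demo():
    """Constructed scenario: root/link -> a directory outside root.
    Returns (lexical check accepted?, on-disk verdict) for 'link/secret'."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "ftp")
        outside = os.path.join(tmp, "outside")
        os.makedirs(root)
        os.makedirs(outside)
        with open(os.path.join(outside, "secret"), "w") as f:
            f.write("not for ftp users\n")
        os.symlink(outside, os.path.join(root, "link"))
        lexical = safe_resolve(root, "link/secret")          # accepted: looks like root/link/secret
        on_disk = safe_resolve_on_disk(root, "link/secret")  # rejected: realpath lies outside root
        return lexical is not None, on_disk


if __name__ == "__main__":
    # Constructed sample requests an FTP client might send in RETR/GET.
    requests = ["pub/readme.txt", "../../etc/passwd", "pub/../../../etc/passwd",
                "..\\..\\..\\etc\\passwd", "/etc/passwd", "../ftp2/x"]
    for r in requests:
        print(f"{r!r:32} naive={naive_resolve(FTP_ROOT, r)!s:40} safe={safe_resolve(FTP_ROOT, r)}")
    print("symlink demo (lexical accepted, on-disk verdict):", symlink_escape_demo())
```

The lexical check is what stops the '../' traversal in the note; it deliberately treats a leading '/' as root-relative, which is how an FTP root is meant to behave. It cannot see symlinks, so a server that lets users create links, or whose root contains links placed by the administrator, also needs the realpath-based variant, applied with the root canonicalized the same way as the candidate.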

Impact

A remote attacker can read any file on the filesystem that the CrushFTP server process itself can read, including potentially sensitive and critical system files.

Solution

Upgrade to version 2.1.7 or later of CrushFTP at:

http://www.crushftp.com

As a workaround and as defense in depth, run CrushFTP in a chroot jail where the operating system supports it, and under a dedicated low-privilege account, so that a traversal outside the FTP root exposes only files the jailed process can reach. This limits the impact but does not remove the flaw; the upgrade is still required.

Systems Affected

Vendor       Status     Date Notified   Date Updated
Ben Spink    Affected   29 Aug 2001     17 Nov 2001

CVSS Metrics

Group           Score   Vector
Base            N/A     N/A
Temporal        N/A     N/A
Environmental   N/A     N/A

Credit

Thanks to Joe Testa for discovering this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

  • CVE IDs: CAN-2001-0582
  • Date Public: 23 May 2001
  • Date First Published: 20 Dec 2001
  • Date Last Updated: 20 Dec 2001
  • Severity Metric: 0.11
  • Document Revision: 12
