4D WebSTAR Symlink Privilege Escalation

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is affected by a local symbolic link

Description :

The remote server is running 4D WebStar FTP Server. The version of 4D
WebStar FTP Server on the remote host is reportedly affected by a
local symbolic link vulnerability caused by the application opening
files without properly verifying their existence or their absolute

Successful exploitation of this issue will allow an attacker to write
to arbitrary files subject to the permissions of the affected

See also :


Solution :

Upgrade to 4D WebStar 5.3.3 or later.

Risk factor :

Low / CVSS Base Score : 3.6
CVSS Temporal Score : 3.0
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 14241 (4d_webstar_symb_link.nasl)

Bugtraq ID: 10714

CVE ID: CVE-2004-0698

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial