3D-FTP Multiple Directory Traversal Vulnerabilities

high Nessus Plugin ID 33218

Synopsis

The remote host has an application that is affected by multiple directory traversal vulnerabilities.

Description

The remote host has the 3D-FTP FTP client installed.

The installed version of 3D-FTP is affected by multiple directory traversal vulnerabilities. By prefixing '../' to filenames in responses to 'LIST' and 'MLSD' commands, an attacker may be able to write arbitrary files outside the client's directory, subject to the privileges of the user. An attacker can leverage this issue to write arbitrary files (potentially containing malicious code) to the client's startup directory, which would then be executed when the user logs on.
To successfully exploit this issue, an attacker must trick a user into downloading a specially named file from a malicious FTP server.
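
The client-side check that this class of flaw calls for, as an added example (it is not code from the Nessus plugin or from 3D-FTP): every name taken from an 'MLSD' listing is treated as untrusted and must resolve inside the download directory before anything is written. The function names and the sample listing are hypothetical and constructed for illustration.

```python
import os

class UnsafeListingName(ValueError):
    """A server-supplied name that must not be used as a local path."""

def mlsd_name(line):
    """Return the pathname from one MLSD entry: 'fact=val;fact=val; name'."""
    facts, sep, name = line.rstrip("\r\n").partition(" ")
    if not sep or not facts.endswith(";"):
        raise UnsafeListingName("malformed MLSD entry: %r" % line)
    return name

def safe_local_path(download_dir, listed_name):
    """Map a listed name to a local path that stays inside download_dir."""
    if listed_name in ("", ".", ".."):
        raise UnsafeListingName("reserved name: %r" % listed_name)
    # A listing entry names one file, so no separator is legitimate. Both
    # '/' and '\' are rejected because the client runs on Windows; ':' would
    # allow drive letters and alternate data streams.
    if any(c in "/\\:" or ord(c) < 32 for c in listed_name):
        raise UnsafeListingName("separator or control char: %r" % listed_name)
    base = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(base, listed_name))
    # Defence in depth: also catches an existing symlink that points outside.
    if os.path.commonpath([base, target]) != base:
        raise UnsafeListingName("escapes download dir: %r" % listed_name)
    return target

def plan_downloads(download_dir, mlsd_lines):
    """Split a listing into accepted local paths and rejected raw entries."""
    accepted, rejected = [], []
    for line in mlsd_lines:
        try:
            accepted.append(safe_local_path(download_dir, mlsd_name(line)))
        except ValueError:  # includes UnsafeListingName
            rejected.append(line)
    return accepted, rejected

# Constructed sample listing (not captured from a real server).
SAMPLE_MLSD = [
    "type=file;size=1024; report.txt",
    "type=file;size=2048; ../outside.txt",
    "type=file;size=2048; ..\\..\\outside.txt",
    "outside.txt",
]

if __name__ == "__main__":
    ok, bad = plan_downloads("downloads", SAMPLE_MLSD)
    print("accepted:", ok)
    print("rejected:", bad)
```

Rejected entries are worth logging with the server address, since a listing that contains traversal sequences is itself a sign of a hostile or compromised server.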

Solution

Upgrade to 3D-FTP version 8.0.2 or later.

See Also

http://vuln.sg/3dftp801-en.html

http://www.3dftp.com/3dftp_versions.htm

Plugin Details

Severity: High

ID: 33218

File Name: 3dftp_dir_traversal.nasl

Version: 1.12

Type: local

Agent: windows

Family: Windows

Published: 6/18/2008

Updated: 6/27/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-2822

BID: 29749

CWE: 22

Secunia: 30651