FTP Server Traversal Arbitrary File Access (RETR)

Medium Nessus Plugin ID 50811

Synopsis

The remote FTP server is susceptible to a directory traversal attack.

Description

The remote FTP server allows a user to retrieve files outside his home directory using a specially crafted 'RETR' command with traversal sequences.

A remote attacker could exploit this flaw to gain access to arbitrary files.

Solution

Contact the vendor for an update, use a different product, or disable the service altogether.

Plugin Details

Severity: Medium

ID: 50811

File Name: ftp_get_traversal.nasl

Version: 1.20

Type: remote

Family: FTP

Published: 2010/11/24

Modified: 2018/10/10

Dependencies: 10092, 11936

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Score from a more in depth analysis done by tenable

CVSS v2.0

Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Exploitable With

Metasploit (QuickShare File Server 1.2.1 Directory Traversal Vulnerability)

Reference Information

BID: 39919, 40419, 44543, 44574, 44759, 46165