ID #1275

Is eScan affected by FTP vulnerability CVE-2008-1221?

This is a very old vulnerability,it has been patched and eScan users are safe from the said vulnerability by the virtue of using the latest version of eScan V 14.

 

Description

The eScan Server (eserv.exe) listens on port 2021 for FTP connections using c\:pub as root path.

Although the server tries to avoid possible directory traversal attacks for example rejecting the dotdot patterns, is still possible for an attacker to download any file from the disk of the remote system simply applying a slash or a backslash at the beginning of the filename for selecting the root path of the disk.

For example /boot.ini, windows/win.ini and so on.

Only downloading files is allowed by the server, so deleting or uploading custom files is not possible.

 

Code
ftp://SERVER:2021//windows/win.ini
or manually:
ftp -A
open SERVER 2021
get /windows/win.ini local_win.ini

 

The output will be as shown below 

Tags: -

Related entries:

You cannot comment on this entry