vuln.sg  pgsm super dance lesson 640x480 xvid dvdrip fixed

vuln.sg Vulnerability Research Advisory

AceFTP FTP-Client Directory Traversal Vulnerability

by Tan Chew Keong
Release Date: 2008-06-27

pgsm super dance lesson 640x480 xvid dvdrip fixed   [en] [jp]

pgsm super dance lesson 640x480 xvid dvdrip fixed Summary

A vulnerability has been found within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.


pgsm super dance lesson 640x480 xvid dvdrip fixed Tested Versions


pgsm super dance lesson 640x480 xvid dvdrip fixed Details

This advisory discloses a vulnerability within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.

The FTP client does not properly sanitise filenames containing directory traversal sequences (forward-slash) that are received from an FTP server in response to the LIST command.

An example of such a response from a malicious FTP server is shown below. 


Response to LIST (forward-slash):

-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 /../../../../../../../../../testfile.txt\r\n
 

By tricking a user to download a directory from a malicious FTP server that contains files with fowward-slash directory traversal sequences in their filenames, it is possible for the attacker to write files to arbitrary locations on a user's system with privileges of that user. An attacker can potentially leverage this issue to write files into a user's Windows Startup folder and execute arbitrary code when the user logs on.


pgsm super dance lesson 640x480 xvid dvdrip fixed POC / Test Code

Please download the POC here and follow the instructions below.

Pgsm Super Dance Lesson 640x480 Xvid Dvdrip Fixed -

Are you ready to groove to the rhythm and take your dance skills to the next level? Look no further than the PGS M Super Dance Lesson 640x480 XVID DVDrip Fixed, a comprehensive dance tutorial that will have you dancing like a pro in no time. In this article, we'll take a closer look at what this dance lesson has to offer and how it can benefit dancers of all levels.

PGS M Super Dance Lesson 640x480 XVID DVDrip Fixed is a high-quality dance tutorial video that provides a thorough and engaging dance lesson. The video is designed to cater to dancers of all levels, from beginners to advanced dancers looking to improve their skills. With a focus on technique, style, and fun, this dance lesson is perfect for anyone looking to learn new dance moves or simply enjoy the thrill of dancing. pgsm super dance lesson 640x480 xvid dvdrip fixed

In conclusion, the PGS M Super Dance Lesson 640x480 XVID DVDrip Fixed is a comprehensive and engaging dance tutorial that is perfect for dancers of all levels. With its focus on technique, style, and fun, this lesson is sure to have you dancing like a pro in no time. Whether you're a beginner or an advanced dancer, this lesson is a great way to improve your skills, increase your flexibility and coordination, and have fun. Are you ready to groove to the rhythm


pgsm super dance lesson 640x480 xvid dvdrip fixed Patch / Workaround

Avoid downloading files/directories from untrusted FTP servers.


pgsm super dance lesson 640x480 xvid dvdrip fixed Disclosure Timeline

2008-06-15 - Vulnerability Discovered.
2008-06-16 - Vulnerability Details Sent to Vendor via online support form (no reply).
2008-06-18 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-25 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-27 - Public Release.


Contact
For further enquries, comments, suggestions or bug reports, simply email them to