Family: Misc. --> Category: infos
4D WebStar Symbolic Link Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for 4D FTP Server
Detailed Explanation for this Vulnerability Test
The remote server is running 4D WebStar FTP Server.
4D WebStar is reportedly vulnerable to a local symbolic link vulnerability.
This issue is due to a design error that causes the application
to open files without properly verifying their existence or their absolute location.
Successful exploitation of this issue will allow a possible hacker to write
to arbitrary files writable by the affected application,
facilitating privilege escalation.
See also : http://www.atstake.com/research/advisories/2004/a071304-1.txt
Solution : Upgrade to 4D WebStar 5.3.3 or later.
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.