|
Family: CGI abuses --> Category: destructive_attack
NETFile FTP/Web Server Directory Traversal Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for directory traversal vulnerabilities in NETFile FTP/Web Server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is vulnerable to a directory traversal attack.
Description :
The version of NETFile FTP/Web server installed on the remote host is
prone to directory traversal attacks. Specifically, a possible hacker can
create directories outside the server's folder path with a
specially-crafted URL, and he may be able to delete arbitrary files
and directories on the remote host too.
See also :
http://www.security.org.sg/vuln/netfileftp746.html
Solution :
Configure NETFile with tighter file and folder rights for users and
groups. Or upgrade to NETFile FTP/Web Server version 7.5.0 Beta 7 or
later.
Threat Level:
Low / CVSS Base Score : 1
(AV:R/AC:H/Au:R/C:N/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|