vuln.sg

vuln.sg Vulnerability Research Advisory

AceFTP FTP-Client Directory Traversal Vulnerability

by Tan Chew Keong
Release Date: 2008-06-27

Summary

A vulnerability has been found within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.


Tested Versions


Details

This advisory discloses a vulnerability within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.

The FTP client does not properly sanitise filenames containing directory traversal sequences (forward-slash) that are received from an FTP server in response to the LIST command.

An example of such a response from a malicious FTP server is shown below.


Response to LIST (forward-slash):

-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 /../../../../../../../../../testfile.txt\r\n
 

By tricking a user into downloading a directory from a malicious FTP server that contains files with forward-slash directory traversal sequences in their filenames, the attacker can write files to arbitrary locations on the user's system with the privileges of that user. An attacker can potentially leverage this issue to write files into a user's Windows Startup folder and execute arbitrary code when the user logs on.
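One way a client could validate LIST entries before writing anything to disk, as an added example that is not from the advisory or from AceFTP. The download directory, the function names and the benign listing line are assumptions made for illustration.

```python
import ntpath  # Windows path rules on any host, since the affected client runs on Windows

class UnsafeListingEntry(ValueError):
    """A LIST entry whose name would resolve outside the download directory."""

def name_from_list_line(line):
    # Unix-style listing: mode, links, owner, group, size, month, day, time, name
    fields = line.rstrip("\r\n").split(None, 8)
    if len(fields) < 9:
        raise ValueError("unrecognised LIST line")
    return fields[8]

def naive_local_path(download_dir, remote_name):
    # What a client computes when it trusts the server-supplied name
    return ntpath.normpath(ntpath.join(download_dir, remote_name))

def safe_local_path(download_dir, remote_name):
    # A listing entry names one item inside the listed directory, so path
    # separators, a drive colon, NUL and dot components are never legitimate.
    if remote_name in ("", ".", "..") or any(c in remote_name for c in "/\\:\0"):
        raise UnsafeListingEntry(remote_name)
    base = ntpath.normpath(download_dir)
    candidate = ntpath.normpath(ntpath.join(base, remote_name))
    # Second layer: the resolved path must still sit directly under the base
    if ntpath.dirname(candidate).lower() != base.lower():
        raise UnsafeListingEntry(remote_name)
    return candidate

# Constructed sample input: the LIST line from the advisory plus a benign one
DOWNLOAD_DIR = r"C:\Users\alice\Downloads\site"  # hypothetical local target
MALICIOUS = ("-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 "
             "/../../../../../../../../../testfile.txt\r\n")
BENIGN = "-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 readme.txt\r\n"

def check(line):
    # Returns the local path to write to, or None when the entry is rejected
    try:
        return safe_local_path(DOWNLOAD_DIR, name_from_list_line(line))
    except UnsafeListingEntry:
        return None

if __name__ == "__main__":
    print("naive:", naive_local_path(DOWNLOAD_DIR, name_from_list_line(MALICIOUS)))
    print("safe :", check(MALICIOUS), "|", check(BENIGN))
```

The check does not cover Windows reserved device names or names with trailing dots and spaces, which a production client would also need to reject.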


POC / Test Code

Please download the POC here and follow the instructions below.


Patch / Workaround

Avoid downloading files/directories from untrusted FTP servers.


Disclosure Timeline

2008-06-15 - Vulnerability Discovered.
2008-06-16 - Vulnerability Details Sent to Vendor via online support form (no reply).
2008-06-18 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-25 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-27 - Public Release.


Contact
For further enquiries, comments, suggestions or bug reports, simply email them to