Magellan Explorer FTP directory traversal

magellan-ftp-directory-traversal (36499) The risk level is classified as MediumMedium Risk

Description:

Magellan Explorer could allow a remote attacker to traverse directories on the system. By persuading a victim to download a specially-crafted FTP file containing "dot dot" sequences (/../) in the filename, an attacker could exploit this vulnerability to overwrite arbitrary files on the system.

Platforms Affected:

  • Enriva Development, Magellan Explorer 3.32 b2305 and prior

Remedy:

No remedy available as of November 29, 2008.

Consequences:

Gain Access

References:

  • BugTraq Mailing List, Thu Sep 06 2007 - 13:03:43 CDT, [HISPASEC] 2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal at http://archives.neohapsis.com/archives/bugtraq/2007-09/0066.html.
  • Magellan Explorer Web site, Magellan Explorer - Windows File Manager and Explorer Replacement at http://www.enriva.com/.
  • CVE-2007-4842: Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
  • FrSIRT/ADV-2007-3103: Magellan Explorer FTP Filename Processing Directory Traversal Vulnerability
  • SA26737: Magellan Explorer FTP Directory Traversal Vulnerability
  • SECTRACK ID: 1018661: Enriva Magellan Explorer Directory Traversal Bug in FTP Filenames Lets Remote Users Write Files to Arbitrary Locaions

Reported:

Sep 06, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page