=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: BRS WebWeaver FTP Server vulnerabilities
product: BRS WebWeaver 1.01 (FTP Server)
vendor: http://www.bsoutham.org/WebWeaver/
risk: high
date: 01/10/2k3
discovered by: euronymous /F0KP /R00tC0de
advisory urls: http://f0kp.iplus.ru/bz/012.en.txt
               http://f0kp.iplus.ru/bz/012.ru.txt
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=

description
-----------

1) directory traversal

i found that you can use thiz bug for directory creating only.
u cannot get dir listing, etc..

sploit:

mkdir ..\some_dir

then directory named `some_dir' would be created in c:\
if ftp root placed in c:\.

2) path disclosure

if u try to create the directory, that already exists, then
u can see full system path to ftp root.

sploit:

mkdir ..\windows

server response:

====================================================
550 'c:\ftp_dir\..\windows': can't create directory.
====================================================

shouts: R00tC0de, DWC, DHG, HUNGOSH, all russian security guyz!!
        to kate especially ))
f*ck_off: slavomira and other dirty ppl in *.kz

================
im not a lame,
not yet a hacker
================
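
Added example (not part of the original advisory and not the vendor's code): one way an FTP server could handle the MKD argument so that `..\` cannot leave the FTP root and the 550 reply names only the virtual path. The function names, the reply wording and the `existing` set are assumptions made for illustration; `c:\ftp_dir` is the root shown in the reply above.

```python
import ntpath  # Windows path rules, usable on any OS

FTP_ROOT = r"c:\ftp_dir"  # root shown in the advisory's 550 reply

def resolve_in_root(root, cwd, arg):
    """Return (virtual_path, local_path) for a client path, or None if it
    would leave the FTP root. cwd is the session's virtual directory."""
    arg = arg.replace("\\", "/")          # '\' is a separator on Windows
    if ":" in arg:                        # drive letters, NTFS streams
        return None
    virt = arg if arg.startswith("/") else cwd.rstrip("/") + "/" + arg
    parts = []
    for seg in virt.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:                 # would climb above the root
                return None
            parts.pop()
        elif seg != seg.rstrip(". "):     # Win32 strips trailing dots/spaces
            return None
        else:
            parts.append(seg)
    local = ntpath.normpath(ntpath.join(root, *parts))
    # Defence in depth: re-check containment on the final local path.
    root_n = ntpath.normcase(ntpath.normpath(root))
    local_n = ntpath.normcase(local)
    if local_n != root_n and not local_n.startswith(root_n + "\\"):
        return None
    return "/" + "/".join(parts), local

def handle_mkd(arg, cwd="/", existing=frozenset(), root=FTP_ROOT):
    """Build the MKD reply. `existing` is a constructed stand-in for the
    file system (normcased local paths) so the example runs offline."""
    resolved = resolve_in_root(root, cwd, arg)
    if resolved is None:
        return "550 Invalid path."
    virt, local = resolved
    if virt == "/" or ntpath.normcase(local) in existing:
        # Report the virtual path only, never the local one.
        return f"550 '{virt}': can't create directory."
    # A real server would call os.mkdir(local) here.
    return f'257 "{virt}" created.'
```
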