Hispasec Lab Blog

July 2008

Links

Recent Entries

FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak(02/16 17:06)
Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal(09/06 20:02)
X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities(09/06 19:49)
Total Commander 7.01 Remote FTP Client Directory Traversal(09/06 18:59)
Blizzard StarCraft Brood War 1.15.1 Remote DoS(08/29 14:22)
X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities(08/23 13:37)
Fileinfo 2.0.9 multiple vulnerabilities(08/20 21:54)

Total Commander 7.01 Remote FTP Client Directory Traversal

[Advisories]

Christian Ghislers Total Commander is a popular Windows file explorer with a
built-in support for FTP protocol.

Total Commander is vulnerable to remote file name spoofing leading to local
directory traversal while downloading a file from a malformed FTP server.
Successful exploitation may lead to a full scale system compromise.

Read more at:
/advisories/adv_TotalCommander_7_01_Remote_Traversal.txt

Sent by Gynvael Coldwind @ 18:59 | Permalink | Comments (1) | Trackbacks (0)

<< Blizzard StarCraft Brood War 1.15.1 Remote DoS | Principal | X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities >>

Comentarios

Re: Total Commander 7.01 Remote FTP Client Directory Traversal

Really nice ;-) Keep up the good work Gynvael ;-)

Posted by: ReWolf at septiembre 06,2007 19:16

Trackbacks

Please send trackbacks to: http://blog.hispasec.nospam/lab/233/tbZ3ping
Replace "nospam" with "com"

There are no trackbacks.