CVE-2001-1109

EFTP 2.0.7.337 - Authenticated Directory Traversal via LIST, QUOTE SIZE, and QUOTE MDTM Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1109. PoCs published by byterage.

AI-analyzed exploit summary: This Perl script exploits an information leakage vulnerability in certain FTP servers by using the SIZE or MDTM commands with wildcards to map directory structures outside the FTP root. It brute-forces filenames and paths to disclose unpublished filesystem information.

Description

Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by byterage · perl · remote · windows
https://www.exploit-db.com/exploits/21110

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: EFTP v2.0.7.337, GuildFTPd v0.992
Auth required
Prerequisites: FTP server access with valid credentials · Vulnerable FTP server version
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
URL Repurposed x_refsource_misc
http://www.eftp.org/releasehistory.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7113
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7114
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3331
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/213647
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3333

Scores

EPSS 0.0798
EPSS Percentile 94.0%

Details

Status published
Products (1)
khamil_landross_and_zack_jones/eftp 2.0.7.337
Published Sep 12, 2001
Tracked Since Feb 18, 2026