Exploitation Summary
EIP tracks 2 public exploits for CVE-2015-7602.
PoCs published by Jay Turla, Jay Turla, James Fitts, including Metasploit module auxiliary/scanner/ftp/bison_ftp_traversal.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in BisonWare BisonFTP Server V3.5, allowing unauthorized access to files outside the intended directory. It connects to the FTP server, retrieves the boot.ini file using a traversal sequence, and prints its contents.
Description
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command.
Exploits (2)
This exploit demonstrates a directory traversal vulnerability in BisonWare BisonFTP Server V3.5, allowing unauthorized access to files outside the intended directory. It connects to the FTP server, retrieves the boot.ini file using a traversal sequence, and prints its contents.
This Metasploit module exploits a directory traversal vulnerability in BisonWare BisonFTP Server 3.5, allowing an attacker to download arbitrary files from the server by crafting a RETR command with traversal strings.