ftpd cwd user detection 1.0
 
Plugin ID297
Plugin nameftpd cwd user detection
Plugin filenameftpd cwd user detection.plugin
Plugin filesize2138 bytes
Plugin familyFTP
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port21
Plugin procedure exploitopen|sleep|send anonymous\n|sleep|send atk@test.example\n|sleep|send CWD ~root\n|sleep|send QUIT\n|close|pattern_exists 550 /
Plugin exploit accuracy90
Plugin commentThe NASL script is Copyright (C) 1999 Renaud Deraison
Bug vulnerability classConfiguration
Bug descriptionIt is possible to determine the existence of a user on the remote system by issuing the command CWD ~<username>, like : "CWD ~root". An attacker may use this to determine the existence of known to be vulnerable accounts (like guest) or to determine which system you are running.
Bug solutionInform your vendor, and ask for a patch, or change your FTP server.
Bug fixing timeApprox. 2 hours
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity6
Bug simplicity7
Bug impact5
Bug risk6
Bug Nessus riskLow
Bug check toolsNessus can check this flaw with the plugin 10082 (FTPd tells if a user exists).
Source Nessus ID10082
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.