Computer Security
[EN] securityvulns.ru no-pyccku


Multiple FTP clients FTP bounce attack
updated since 05.03.2007
Published:05.01.2009
Source:
SecurityVulns ID:7348
Type:client
Threat Level:
5/10
Description:Passive FTP implementation in multiple client allows to use FTP bounce attack for port scanning.
Affected:KDE : KDE 3.5
 MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
 OPERA : Opera 9.10
 DEV0 : 0irc 1.3
 GOOGLE : Chrome 1.0
CVE:CVE-2007-1565 (Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI.)
 CVE-2007-1564 (The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1563 (The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1308 (ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.)
Original documentdocumentAditya K Sood, Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability. (05.01.2009)
 documentmark, [Full-disclosure] Konqueror DoS Via JavaScript Read Of FTP Iframe (05.03.2007)
 documentmark, [Full-disclosure] Extending JavaScript Portscanning to Include Banner Grabbing (05.03.2007)
Files:Manipulating FTP Clients Using The PASV Command PoC
 Demo of how to make Konqueror 3.5.5 crash
 Manipulating FTP Clients Using The PASV Command

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod