Title: 121 Software 121 WAM! FTP Server Directory Traversal Vulnerability
Severity: MODERATE
Description:
121 WAM! Server is a FTP Server for Microsoft Windows Platform allowing users to manage online databases including Microsoft Access, SQL Server and MySQL.
A vulnerability has been reported in 121 WAM! Server that may allow remote users to access restricted data from the server and other user accounts outside the user root directory. The vulnerability is due to an access validation error that allows clients to traverse outside of the root FTP directory using '/../' character sequences.
This may allow the attacker to access system resources on the server. Information that could be useful in further attacks could be disclosed to an attacker through successful exploitation of this issue.
Affected Products:
- 121 Software 121 WAM! 1.0.4.0
References:
- 121 Software: 121 WAM! Server
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
