Wednesday, March 12, 2008 1:30 PM
cmosby
Internet Explorer FTP Command Injection Vulnerability
Secunia Advisory: SA29346
Release Date: 2008-03-12
Critical: Less critical
Impact: Manipulation of data
Where: From remote
Solution Status: Unpatched
Software:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6.x
Description:
Derek Abdine has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct FTP command injection attacks.
The vulnerability is caused by an input validation error when processing FTP URIs. This can be exploited to inject arbitrary FTP commands into an FTP session, e.g. via a specially crafted FTP URI containing CRLF character sequences and trailing slashes.
Successful exploitation requires that a user is tricked into e.g. visiting a malicious website.
The vulnerability is confirmed in version 6.0.2900.2180 and also reported in version 5. Other versions may also be affected.
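The advisory describes the root cause as missing validation of CRLF sequences (and trailing slashes) in FTP URIs before the client turns them into FTP commands. The following Python script is an added example, not code from Secunia, Rapid7 or Microsoft, showing the check a gateway, proxy or URL-filtering hook could apply to an ftp:// URI before letting a client fetch it: it flags CR or LF characters whether they appear literally or percent-encoded in the userinfo, path or query, and notes a trailing slash on the path. The sample URIs are constructed for the demonstration; the behaviour relies only on Python's standard urllib.parse.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed sample URIs (not from the advisory): one benign, three carrying
# CR/LF, percent-encoded, in different URI components.
SAMPLE_URIS = [
    "ftp://ftp.example.com/pub/readme.txt",
    "ftp://ftp.example.com/pub/%0D%0Ainjected/",
    "ftp://ftp.example.com/pub/a%0d%0ab/c/",
    "ftp://us%0Der@ftp.example.com/dir",
]

CRLF_RE = re.compile(r"[\r\n]")


def _userinfo(netloc: str) -> str:
    """Return the userinfo part of a netloc ('' when absent), still percent-encoded."""
    return netloc.rsplit("@", 1)[0] if "@" in netloc else ""


def check_ftp_uri(uri: str) -> dict:
    """Classify an ftp:// URI as allowed or blocked.

    Blocks when the scheme is not ftp, or when a CR or LF character appears
    in the URI either literally or percent-encoded (%0D / %0A) in the
    userinfo, path or query. The raw string is inspected before urlsplit()
    because recent Python versions silently strip CR, LF and TAB from URLs.
    A path ending in '/' is reported as a note, since a client treats the
    final segment as a directory to change into rather than a file to fetch.
    """
    reasons = []
    if CRLF_RE.search(uri):
        reasons.append("literal CR/LF in URI")
    parts = urlsplit(uri)
    if parts.scheme.lower() != "ftp":
        return {"uri": uri, "allow": False, "reasons": ["scheme is not ftp"], "notes": []}
    components = {
        "userinfo": _userinfo(parts.netloc),
        "path": parts.path,
        "query": parts.query,
    }
    for name, raw in components.items():
        if CRLF_RE.search(unquote(raw)):
            reasons.append(f"CR/LF in {name} after percent-decoding")
    notes = []
    if parts.path.endswith("/") and len(parts.path) > 1:
        notes.append("path ends with '/'")
    return {"uri": uri, "allow": not reasons, "reasons": reasons, "notes": notes}


def scan(uris):
    """Run check_ftp_uri over a list of URIs and return the verdicts."""
    return [check_ftp_uri(u) for u in uris]


if __name__ == "__main__":
    for v in scan(SAMPLE_URIS):
        status = "ALLOW" if v["allow"] else "BLOCK"
        print(f"{status:5} {v['uri']}  {v['reasons'] + v['notes']}")
```

The check decodes each component once and looks for CR/LF in the result rather than pattern-matching the literal strings "%0D" or "%0A", so mixed-case or otherwise varied encodings of the same bytes are caught. Inspecting the raw string before urlsplit() matters: since Python 3.9.5 the parser strips those characters, so a validator that only looks at the parsed components would silently pass a URI containing literal newlines.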
Solution:
Upgrade to Internet Explorer 7. Do not browse untrusted websites.
Provided and/or discovered by:
Derek Abdine, Rapid7
Original Advisory:
http://www.rapid7.com/advisories/R7-0032.jsp