vuln.sg  Tomb Raider 2018 Hindi Dubbed Mp4moviez

vuln.sg Vulnerability Research Advisory

AceFTP FTP-Client Directory Traversal Vulnerability

by Tan Chew Keong
Release Date: 2008-06-27

Tomb Raider 2018 Hindi Dubbed Mp4moviez   [en] [jp]

Tomb Raider 2018 Hindi Dubbed Mp4moviez Summary

A vulnerability has been found within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.


Tomb Raider 2018 Hindi Dubbed Mp4moviez Tested Versions


Tomb Raider 2018 Hindi Dubbed Mp4moviez Details

This advisory discloses a vulnerability within the FTP client in AceFTP. When exploited, this vulnerability allows an anonymous attacker to write files to arbitrary locations on a Windows user's system.

The FTP client does not properly sanitise filenames containing directory traversal sequences (forward-slash) that are received from an FTP server in response to the LIST command.

An example of such a response from a malicious FTP server is shown below. 


Response to LIST (forward-slash):

-rw-r--r--    1 ftp      ftp            20 Mar 01 05:37 /../../../../../../../../../testfile.txt\r\n
 

By tricking a user to download a directory from a malicious FTP server that contains files with fowward-slash directory traversal sequences in their filenames, it is possible for the attacker to write files to arbitrary locations on a user's system with privileges of that user. An attacker can potentially leverage this issue to write files into a user's Windows Startup folder and execute arbitrary code when the user logs on.


Tomb Raider 2018 Hindi Dubbed Mp4moviez POC / Test Code

Please download the POC here and follow the instructions below.

Tomb Raider 2018 Hindi Dubbed Mp4moviez -

However, I can offer a useful alternative report on the itself, including its plot, cast, critical reception, and legitimate ways to watch it (with Hindi dubbing where available).

I’m unable to provide a report that promotes or supports piracy, including details about accessing copyrighted content from sites like Mp4moviez. Distributing or downloading movies via unauthorized platforms violates copyright laws and harms the creative industry. Tomb Raider 2018 Hindi Dubbed Mp4moviez


Tomb Raider 2018 Hindi Dubbed Mp4moviez Patch / Workaround

Avoid downloading files/directories from untrusted FTP servers.


Tomb Raider 2018 Hindi Dubbed Mp4moviez Disclosure Timeline

2008-06-15 - Vulnerability Discovered.
2008-06-16 - Vulnerability Details Sent to Vendor via online support form (no reply).
2008-06-18 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-25 - Vulnerability Details Sent to Vendor again via online support form (no reply).
2008-06-27 - Public Release.


Contact
For further enquries, comments, suggestions or bug reports, simply email them to