Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-1419 PoC — VSFTP 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2015/CVE-2015-1419.yaml
Associated Vulnerability
Title:VSFTP 安全漏洞 (CVE-2015-1419)
Description:VSFTP是一套基于GPL发布的类Unix系统上使用的FTP服务器软件。该软件支持虚拟用户、支持两种认证方式(PAP或xinetd/ tcp_wrappers)、支持带宽限制等。 VSFTP中存在安全漏洞,该漏洞源于程序没有正确处理‘deny_file’选项。远程攻击者可利用该漏洞绕过访问限制。以下产品及版本受到影响:VSFTP 3.0.2及之前版本,opensuse 13.1版本和13.2版本。
Description
vsftpd 3.0.2 and earlier contain a vulnerability that allows remote attackers to bypass access restrictions due to improper parsing of the deny_file configuration directive.
File Snapshot

 id: CVE-2015-1419

info:
  name: vsftpd <= 3.0.2 - Access Restriction Bypass
  author: pussycat0x
  

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.