Phase:Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command.
ReferencesBUGTRAQ:Monday, March 07, 2005 Gene6 FTP Server Local Privilege Escalation Vulnerability | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111022496826680&w=2 | MISC:http://secway.org/Advisory/adThursday, March 03, 2005.txt | BUGTRAQ:Tuesday, March 08, 2005 Re: Gene6 FTP Server Local Privi
Votes:Assigned (Wednesday, March 09, 2005)
Comments:None (candidate not yet proposed)
F7: