The vulnerability does not affect Windows XP systems with SP2
installed.
The vulnerability has been confirmed on *fully* patched systems
with Internet Explorer 6 and Microsoft Windows 2000 SP4 and
Windows XP SP1.
Solution: Only download files from FTP servers you trust.
NO PATCH IS AVAILABLE AT THIS TIME.
-
Internet Explorer FTP Download Directory Traversal
http://secunia.com/advisories/13704/
Secunia Advisory: SA13704
Release Date: 2005-01-03
Critical: Moderately critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Description:
Albert Puigsech Galicia has discovered a vulnerability in Internet
Explorer, which can be exploited by malicious people to compromise a
user's system.
The vulnerability is caused due to an input validation error in the
handling of FTP file transfers. This can be exploited by a malicious
FTP server to create files in arbitrary locations via directory
traversal attacks by tricking a user into downloading malicious files
(e.g. by dragging or copying a file or folder).
The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows 2000 SP4 / XP SP1.
Solution:
The vulnerability does not affect systems running Windows XP with SP2
installed.
Do not download files from untrusted FTP servers.
Provided and/or discovered by:
Albert Puigsech Galicia
Original Advisory:
http://www.7a69ezine.org/node/view/176
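
The input validation the advisory says is missing can be sketched as follows. This is an added example, not code from the advisory, Secunia or Microsoft: it shows how an FTP client can treat every name in a server's listing as untrusted and confine it to the download directory. The function names, the download path and the sample listing are hypothetical and constructed for illustration.

```python
import ntpath

FORBIDDEN = set('/\\:\x00')  # separators, drive/stream marker, NUL


def check_entry(name):
    """Return None if a server-supplied entry name is a plain file or
    folder name, else a short reason for refusing it."""
    if not name:
        return "empty name"
    if FORBIDDEN & set(name):
        return "path separator, colon or NUL in name"
    # Win32 strips trailing dots and spaces, so "..", ". ." and "x." are
    # not what they appear to be once they reach the file system.
    if name != name.rstrip(". "):
        return "dot-only name or trailing dot/space"
    return None


def triage_listing(download_dir, names):
    """Split a remote listing into {name: local_path} to download and
    {name: reason} to refuse. Windows path rules are used on any host."""
    base = ntpath.normpath(download_dir)
    accepted, refused = {}, {}
    for name in names:
        reason = check_entry(name)
        if reason is None:
            target = ntpath.normpath(ntpath.join(base, name))
            # Defence in depth: the resolved target must stay under base.
            if ntpath.commonpath([base, target]) != base:
                reason = "resolves outside download directory"
        if reason is None:
            accepted[name] = target
        else:
            refused[name] = reason
    return accepted, refused


# Constructed sample listing (assumption), as a server might return it.
SAMPLE_LISTING = ["report.pdf", "photos", "..\\..\\outside.txt",
                  "../outside.txt", "C:outside.txt", "..", "notes.txt "]

if __name__ == "__main__":
    ok, bad = triage_listing(r"C:\Users\alice\Downloads", SAMPLE_LISTING)
    for name, path in ok.items():
        print("download", repr(name), "->", path)
    for name, reason in bad.items():
        print("refuse  ", repr(name), "-", reason)
```

For a folder download, a client would apply `check_entry` to each entry at every level it walks, so that no server-supplied component ever reaches the file system unchecked.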