Writable FTP home directory


Summary

The FTP home directory is writable by anonymous users.

Impact

Remote command execution, remote file substitution.

The problem

When the FTP home directory of a UNIX host is writable, a remote intruder can upload a .rhosts or .forward file to gain access to the system, or may be able to replace files.
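The UNIX case above can be checked locally on the host. The following is an added example, not part of the original page or of SARA: the function name `audit_ftp_tree`, the output labels, and the default account name `ftp` are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit an anonymous FTP tree on a UNIX host.
# Assumptions: $1 is the root of the anonymous tree (the ftp account's home)
# and $2 is the account anonymous logins map to (default "ftp").
# Prints one line per finding; returns 0 if clean, 1 on findings, 2 on error.
audit_ftp_tree() {
    root=$1
    ftp_user=${2:-ftp}
    if [ ! -d "$root" ]; then
        echo "error: $root is not a directory" >&2
        return 2
    fi

    # Directories anyone can write to, the anonymous login included.
    world=$(find "$root" -type d -perm -0002 -print)

    # Anything owned by the anonymous account: the owner can always grant
    # itself write permission. Skipped if the account does not exist here.
    owned=
    if id -u "$ftp_user" >/dev/null 2>&1; then
        owned=$(find "$root" -user "$ftp_user" -print)
    fi

    # The files the text names as the route to system access.
    dotfiles=$(find "$root" \( -name .rhosts -o -name .forward \) -print)

    status=0
    if [ -n "$world" ]; then
        printf '%s\n' "$world" | sed 's/^/WORLD-WRITABLE /'
        status=1
    fi
    if [ -n "$owned" ]; then
        printf '%s\n' "$owned" | sed "s/^/OWNED-BY-$ftp_user /"
        status=1
    fi
    if [ -n "$dotfiles" ]; then
        printf '%s\n' "$dotfiles" | sed 's/^/RHOSTS-OR-FORWARD /'
        status=1
    fi
    return $status
}
```

Run it as `audit_ftp_tree /path/to/ftp/home ftp`, substituting the real root of the anonymous tree; it does not evaluate group write permission, which matters if the anonymous account belongs to the directory's group.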

When a PC (DOS or Mac) permits anonymous users write access to its file system, a remote intruder may be able to replace arbitrary programs or configuration files, or corrupt the file system by filling it up.

Unfortunately, some printers use a writable FTP directory for printing operations. These are usually not vulnerable to attacks other than denial of service. SARA drops references to writable directories for Jet Direct printers.

Fix (UNIX)

Fix (Windows)

Do not have any writable directories in the anonymous directory tree. Hackers have been using writable directories to store copyrighted and pornographic materials.

Other tips (UNIX)