Short Name |
FTP:AUDIT:BINARY-DATA-FOLDER |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
FTP |
Keywords |
Binary In Folder Name |
Release Date |
2005/06/24 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects a folder name that contains binary characters, which can indicate an attempt to exploit a buffer overflow or to hide folders.
A vulnerability has been identified in the way Microsoft Internet Information Server's FTP service handles certain requests for transfer status. The condition is present when a request is made for the FTP transfer status is made via the STAT command. A client issuing this command with a large number of file globbing characters as the argument may cause the service to crash. On IIS 4.0 servers, the service must be manually restarted. On IIS 5.0 and 5.1 servers, the service will restart itself automatically. A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves.