Short Name |
FTP:DOS:SOLARFTP-USER-CMD |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
SolarFTP USER Command Denial of Service Vuln |
Release Date |
2011/03/14 |
Update Number |
1881 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects denial-of-service attempts against SolarFTP Service. Attackers send specially crafted FTP command to crash the server. Specifically, the issue occurs when format string characters are provided to the 'USER' FTP command.
SolarFTP is prone to a remote denial-of-service vulnerability because the application fails to properly handle a specially crafted FTP command. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. SolarFTP 2.1 is vulnerable; other versions may also be affected.