Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 FTP:DOS:SOLARFTP-USER-CMD

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 FTP

Keywords

 SolarFTP USER Command Denial of Service Vuln

Release Date

 2011/03/14

Update Number

 1881

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

FTP: SolarFTP Server USER Command Denial of Service


This signature detects denial-of-service attempts against SolarFTP Service. Attackers send specially crafted FTP command to crash the server. Specifically, the issue occurs when format string characters are provided to the 'USER' FTP command.

Extended Description

SolarFTP is prone to a remote denial-of-service vulnerability because the application fails to properly handle a specially crafted FTP command. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. SolarFTP 2.1 is vulnerable; other versions may also be affected.

Affected Products

  • Flexbyte Software SolarFTP 2.1

References

  • BugTraq: 46504
  • URL: http://www.solarftp.com/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out