Short Name |
FTP:OVERFLOW:EASY-FTP-OF |
---|---|
Severity |
Major |
Recommended |
No |
Category |
FTP |
Keywords |
Easy FTP Server Command Buffer Overflow |
Release Date |
2010/08/20 |
Update Number |
1757 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Easy FTP Server 1.7.0.11. Other versions may also be affected. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server. Because the size of the buffer for this exploit is small, this signature can create false positives on normal traffic from other FTP software. No recommended action is attached to this signature due to the risk of false positives on other FTP software. If you are using Easy FTP or UplusFTP, set the action to drop.
Easy FTP Server (AKA UplusFTP) is prone to multiple remote buffer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Easy FTP Server 1.7.0.11 is vulnerable; other versions may also be affected.