Short Name |
FTP:VULN:SERV-U-FTP-4-3 |
---|---|
Severity |
Info |
Recommended |
No |
Category |
FTP |
Keywords |
ftp server vulnerable version |
Release Date |
2005/01/28 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects RhinoSoft Serv-U FTP 4.3 and earlier. These versions contain a buffer overflow vulnerability in the MDTM command that enables attackers to execute malicous code on a remote server.
Serv-U FTP Server has been reported prone to a remote stack based buffer overflow vulnerability when handling time zone arguments passed to the MDTM FTP command. The problem exists due to insufficient bounds checking. Ultimately an attacker may leverage this issue to have arbitrary instructions executed in the context of the SYSTEM user.