Short Name |
FTP:WU-FTP:GLOBARG |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
WU-FTPD ftpglob() Input Validation Error |
Release Date |
2003/04/25 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Wu-ftpd, a software package that provides File Transfer Protocol (FTP) services for UNIX and Linux systems. Wu-ftpd versions 2.6.1 to 2.6.18 are vulnerable. Attackers can send a maliciously crafted pathname in a CWD or LIST command to the FTP server to execute arbitrary commands as root.
Wu-Ftpd is an FTP server based on the BSD 'ftpd' that is maintained by Washington University. Wu-Ftpd allows clients to organize files for FTP actions based on "file globbing" patterns. File globbing is also used by various shells. The implementation of file globbing included in Wu-Ftpd contains a heap-corruption vulnerability that may allow an attacker to execute arbitrary code on a server remotely. This vulnerability was initially scheduled for public release on December 3, 2001. However, Red Hat has made details public as of November 27, 2001. As a result, we are forced to warn other users of the vulnerable product so that they may take appropriate actions.