Signature Detail
Short Name |
FTP:COMMAND:MULTIPLE-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Multiple Vendor Command Overflow |
Release Date |
2011/03/22 |
Update Number |
1886 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP:Multiple Vendor Command Overflow
This signature detects attempts to exploit known vulnerabilities in multiple FTP servers. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the vulnerable service.
Extended Description
A remote buffer overflow vulnerability affects WhitSoft Development SlimFTPd. The problem presents itself when an authenticated user issues a command with excessive string values as parameters. An attacker can leverage this issue to execute arbitrary machine code with the privileges of the affected FTP server, facilitating unauthorized access to the vulnerable computer.
Affected Products
- WhitSoft SlimFTPd 3.11.0
- WhitSoft SlimFTPd 3.12.0
- WhitSoft SlimFTPd 3.13.0
- WhitSoft SlimFTPd 3.14.0
- WhitSoft SlimFTPd 3.15.0
- WhitSoft SlimFTPd 3.16.0
References
- BugTraq: 8542
- BugTraq: 14339
- BugTraq: 8375
- BugTraq: 49427
- CVE: CVE-2003-0772
- CVE: CVE-2003-0727
- CVE: CVE-2006-5001
- CVE: CVE-2006-3952
- CVE: CVE-2009-3023
- CVE: CVE-1999-0256