Signature Detail
Short Name |
FTP:OVERFLOW:ASCII-WRITE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
ftp cmd of |
Release Date |
2005/09/28 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: ProFTP ASCII Off By Two Overflow
This signature detects an attempt to exploit an off-by-two vulnerability in ProFTP. This vulnerability can lead to arbitrary remote code execution within the context of the ftp server. Exploits are publicly available.
Extended Description
A remotely exploitable buffer overrun was reported in ProFTPD. This issue is due to insufficient bounds checking of user-supplied data in the '_xlate_ascii_write()' function, permitting an attacker to overwrite two bytes of memory adjacent to the affected buffer. The attacker may be able to exploit this to execute arbitrary code in the context of the server. The attacker may trigger this issue by submitting a RETR command to the server.
Affected Products
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 IA-32
- Debian Linux 2.2.0 Powerpc
- ProFTPD Project ProFTPD 1.2.7
- ProFTPD Project ProFTPD 1.2.8
- ProFTPD Project ProFTPD 1.2.9 Rc1
- ProFTPD Project ProFTPD 1.2.9 Rc2
- Red Hat Linux 6.2.0
- Red Hat Linux 6.2.0 Alpha
- Red Hat Linux 6.2.0 E Alpha
- Red Hat Linux 6.2.0 E I386
- Red Hat Linux 6.2.0 E Sparc
- Red Hat Linux 6.2.0 I386
- Red Hat Linux 6.2.0 Sparc
- Red Hat Linux 6.2.0 sparcv9
- Red Hat Linux 7.1.0
- Red Hat Linux 7.1.0 Alpha
- Red Hat Linux 7.1.0 alphaev6
- Red Hat Linux 7.1.0 I386
- Red Hat Linux 7.1.0 i586
- Red Hat Linux 7.1.0 i686
- Red Hat Linux 7.1.0 Ia64
- Red Hat Linux 7.1.0 iseries
- Red Hat Linux 7.1.0 k i386
- Red Hat Linux 7.1.0 noarch
- Red Hat Linux 7.1.0 pseries
- Red Hat Linux 7.2.0
- Red Hat Linux 7.2.0 alpha
- Red Hat Linux 7.2.0 athlon
- Red Hat Linux 7.2.0 I386
- Red Hat Linux 7.2.0 i586
- Red Hat Linux 7.2.0 i686
- Red Hat Linux 7.2.0 Ia64
- Red Hat Linux 7.2.0 noarch
- Red Hat Linux 7.3.0
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 7.3.0 I686
- Red Hat Linux 8.0.0
- Red Hat Linux 8.0.0 I386
- Red Hat Linux 8.0.0 I686
- Red Hat Linux 9.0.0 I386
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Appliance Server Workgroup Edition 1.0.0
- Turbolinux Turbolinux Server 7.0.0
- Turbolinux Turbolinux Server 8.0.0
- Turbolinux Turbolinux Workstation 7.0.0
- Turbolinux Turbolinux Workstation 8.0.0
References
- BugTraq: 9782
- CVE: CVE-2004-0346