Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 FTP:OVERFLOW:LINE-TOO-LONG

Severity

 High

Recommended

 Yes

Recommended Action

 Drop

Category

 FTP

Keywords

 Line Too Long

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

FTP: Line Too Long


This protocol anomaly indicates an incoming FTP line that is too long. This can indicate an attempt to overflow the server. Default value: 1024. You can set the FTP line length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > FTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under FTP, click the Show button. Set the Maximum Line Length to the new value and click OK.

Extended Description

BisonFTP Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the application. Failed attacks may cause a denial-of-service condition. BisonFTP Server versions 3.5 and prior are affected.

Affected Products

  • BisonFTP BisonFTP Server 3.5

References

  • BugTraq: 15998
  • BugTraq: 49109
  • CVE: CVE-2005-4459
  • CVE: CVE-2007-0217
  • URL: http://www.faqs.org/rfcs/rfc959.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out