Signature Detail

Short Name	FTP:OVERFLOW:PATH-LINUX-X86-3
Severity	Critical
Recommended	No
Recommended Action	Drop
Category	FTP
Keywords	Linux x86 Long Pathname Buffer Overflow (3)
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

FTP: Linux x86 Long Pathname Buffer Overflow (3)

This signature detects attempts to exploit a realpath vulnerability in ProFTPD and wuFTPd running on LINUX. Versions ProFTPD 1.2pre1 and earlier and wuFTPd 2.4.2 (beta 18) VR9 and earlier are susceptible. Attackers can gain write access, remotely create long pathnames, and overflow the buffer to gain root access.

Extended Description

Successful exploitation of this vulnerability could allow execution of arbitrary code with the same privileges as the ProFTP daemon or wu-ftpd, and also unauthorized access to a vulnerable system.

References

CERT: CA-1999-03
CVE: CVE-1999-0368
URL: http://www.securityfocus.com/advisories/611

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

FTP: Linux x86 Long Pathname Buffer Overflow (3)

Extended Description

References