Signature Detail
Short Name |
FTP:OVERFLOW:UPLUS-MULTI-CMDS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
UplusFtp Server Multiple Commands Buffer Overflow |
Release Date |
2012/12/02 |
Update Number |
2207 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: UplusFtp Server Multiple Commands Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Uplus FTP Server. A successful attack could result in arbitrary code execution with the privileges of the server. Failed exploit attempts could result in a denial of service condition.
Extended Description
UplusFtp (formerly Easy Ftp Server) is prone to multiple remote buffer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. UplusFtp 1.7.0.12 is vulnerable; prior versions, including Easy Ftp Server, may also be affected.
Affected Products
- easy ftp server 1.7.0.11
- easy ftp server 1.7.0 2
- uplusware UplusFtp 1.7.0.12
References
- BugTraq: 38102
- BugTraq: 38262
- URL: http://sourceforge.net/projects/easyftpsvr/
- URL: http://www.erisesoft.com/en/uplusftp.php