Signature Detail
Short Name |
FTP:OVERFLOW:USERNAME-2-LONG |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
ftp |
Release Date |
2003/08/27 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: Username Too Long
This protocol anomaly is a username in an FTP connection that exceeds the length threshold. This can be an attempt to overflow the server. Default value: 32. You can set the FTP username length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > FTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under FTP, click the Show button. Set the Maximum Username length to the new value and click OK.
Extended Description
Such conditions could indicate a configuration or implementation error, or it could indicate that an attack against FTP servers or clients is underway.
References
- BugTraq: 12155
- BugTraq: 10720
- BugTraq: 49427
- BugTraq: 13396
- BugTraq: 15457
- BugTraq: 22944
- CVE: CVE-1999-1510
- CVE: CVE-1999-1514
- CVE: CVE-1999-1519
- CVE: CVE-1999-1539
- CVE: CVE-2000-0479
- CVE: CVE-2000-0656
- CVE: CVE-2000-0761
- CVE: CVE-2000-0943
- CVE: CVE-2000-1194
- CVE: CVE-2001-0256
- CVE: CVE-2001-0794
- CVE: CVE-2001-0826
- CVE: CVE-2002-0126
- CVE: CVE-2003-0271
- CVE: CVE-2002-1522
- CVE: CVE-2004-0286
- CVE: CVE-2004-0695
- CVE: CVE-2005-3683
- CVE: CVE-2010-1938
- CVE: CVE-2005-3683
- CVE: CVE-2004-0695
- CVE: CVE-1999-0256
- CVE: CVE-2005-0634
- CVE: CVE-2013-5680
- URL: http://www.ietf.org/rfc/rfc959.txt