Title: SapporoWorks Black JumboDog FTP Server Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
SapporoWorks Black JumboDog is an open source proxy that contains an FTP server.
Black JumboDog is reported to contain a buffer overflow vulnerability in its FTP server. This issue results from insufficient boundary checks performed by the application when processing user-supplied data.
The vulnerable code exists in the 'TFtp.cpp' file, where strcpy() is unsafely used to copy user-supplied data into a finite sized memory buffer. This buffer is reportedly 256 bytes long.
This overflow is triggered by sending commands with arguments larger than 256 bytes to the FTP server process, such as 'USER', 'PASS', 'RETR', and others. When the strcpy() runs, it overwrites or corrupts sensitive memory addresses. Because the affected FTP commands include 'USER', and 'PASS', this issue can be exploited before authenticating to the FTP server.
This issue may lead to arbitrary code execution if an attacker can direct program execution to attacker supplied memory locations containing malicious shellcode. The attacker may ultimately gain unauthorized access to a vulnerable computer in the context of the FTP server process.
Version 3.6.1 is reported vulnerable. Other prior versions may also be affected.
Affected Products:
- SapporoWorks Black JumboDog 3.6.1
References:
- SIG^2 Vulnerability Research: Buffer overflow in SapporoWorks BlackJumboDog FTP server
- SapporoWorks: BlackJumboDog Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
