FTP: Format String in Command

This signature detects attempts to exploit a known vulnerability against Multiple FTP Servers. Attackers can execute arbitrary code in the context of the server process.

Extended Description

Dream FTP Server is prone to a remote format-string vulnerability when processing a malicious request from a client. Exploiting this issue could allow an attacker to crash the server and possibly to execute arbitrary code on the system hosting the server. This would occur in the security context of the server process.

Affected Products

Bolintech dream_ftp_server

References

BugTraq: 9800

CVE: CVE-2004-2074

Short Name
FTP:COMMAND:FTP-FS-COMMAND
Severity
Major
Recommended
False
Recommended Action
Drop
Category
FTP
Keywords
CVE-2004-2074 Command Format String bid:9800 in
Release Date
05/24/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Bolintech

CVSS Score

5.0

Found a potential security threat?