FTP: Multiple FTP Server GET Command Directory Traversal 2
This signature detects directory traversal attempts to download a file from a malicious server. The server can embed a directory traversal attack in the filename to specify the exact file download location on the client machine.
Extended Description
The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames.
Affected Products
Microsoft windows_2000
Short Name
FTP:COMMAND:GET-CMD-DIR-TRAV-2
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
FTP
Keywords
2 CVE-2004-1376 CVE-2005-2126 Command Directory FTP GET Multiple Server Traversal bid:12160
Release Date
06/14/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/1055,1056
False Positive
Unknown
Vendors
Microsoft
CVSS Score
2.6
5.0