FTP: Multiple Vendor Command Overflow
This signature detects attempts to exploit known vulnerabilities in multiple FTP servers. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the vulnerable service.
Extended Description
A remote buffer overflow vulnerability affects WhitSoft Development SlimFTPd. The problem presents itself when an authenticated user issues a command with excessive string values as parameters. An attacker can leverage this issue to execute arbitrary machine code with the privileges of the affected FTP server, facilitating unauthorized access to the vulnerable computer.
Affected Products
Whitsoft slimftpd
References
BugTraq: 14339 8375 49427 8542
CVE: CVE-2009-3023
URL: http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf
Short Name
FTP:COMMAND:MULTIPLE-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
FTP
Keywords
CVE-1999-0256 CVE-2003-0727 CVE-2003-0772 CVE-2006-3952 CVE-2006-5001 CVE-2009-3023 Command Multiple Overflow Vendor bid:14339 bid:49427 bid:8375 bid:8542
Release Date
03/22/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3397
False Positive
Unknown
Vendors
Whitsoft
CVSS Score
7.5
9.3
2.1
5.0