FTP: SITE Command Arbitrary Command Injection

This signature detects a maliciously crafted SITE request transmission to an FTP server. Such a request can be designed to execute arbitrary commands on a server hosting a FTP daemon. Commands are executed with the FTP service permissions.

Extended Description

The 'wzdftpd' utility is affected by a remote arbitrary command-execution vulnerability. This issue can allow an attacker to execute commands in the context of an affected server and potentially gain unauthorized access. Version 0.5.4 of wzdftpd is reported to be vulnerable. Other versions may be affected as well.

Affected Products

Wzdftpd wzdftpd

References

BugTraq: 14935

CVE: CVE-2005-3081

URL: http://www.wzdftpd.net/

Short Name
FTP:COMMAND:SITE-CMD-INJ
Severity
Critical
Recommended
False
Recommended Action
None
Category
FTP
Keywords
Arbitrary CVE-2005-3081 Command Injection SITE bid:14935
Release Date
04/19/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Occasionally
Vendors

Wzdftpd

Debian

CVSS Score

4.6

Found a potential security threat?