FTP: FreeFloat FTP Server Invalid Command Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the FreeFloat FTP Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."

References

BugTraq: 49265 48704 11772 36189

CVE: CVE-2009-3023

Short Name: FTP:FREEFLOAT-CMD-BO

Severity: Critical

Recommended: False

Recommended Action: Drop

Category: FTP

Keywords: Buffer CVE-2009-3023 Command FTP FreeFloat Invalid Overflow Server bid:11772 bid:36189 bid:48704 bid:49265

Release Date: 11/28/2012

Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version: 3704

False Positive: Unknown

CVSS Score: 9.3
