FTP: ProFTP ASCII Off By Two Overflow
This signature detects an attempt to exploit an off-by-two vulnerability in ProFTP. This vulnerability can lead to arbitrary remote code execution within the context of the ftp server. Exploits are publicly available.
Extended Description
A remotely exploitable buffer overrun was reported in ProFTPD. This issue is due to insufficient bounds checking of user-supplied data in the '_xlate_ascii_write()' function, permitting an attacker to overwrite two bytes of memory adjacent to the affected buffer. The attacker may be able to exploit this to execute arbitrary code in the context of the server. The attacker may trigger this issue by submitting a RETR command to the server.
Affected Products
Turbolinux appliance_server
Short Name
FTP:OVERFLOW:ASCII-WRITE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
FTP
Keywords
ASCII By CVE-2004-0346 Off Overflow ProFTP Two bid:9782
Release Date
09/28/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Proftpd_project
Turbolinux
Debian
CVSS Score
7.2