FTP: Easy FTP Server Command Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Easy FTP Server 1.7.0.11. Other versions may also be affected. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server. Because the size of the buffer for this exploit is small, this signature can create false positives on normal traffic from other FTP software. No recommended action is attached to this signature due to the risk of false positives on other FTP software. If you are using Easy FTP or UplusFTP, set the action to drop.
Extended Description
Easy FTP Server (AKA UplusFTP) is prone to multiple remote buffer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Easy FTP Server 1.7.0.11 is vulnerable; other versions may also be affected.
Affected Products
Easy_ftp_server easy_ftp_server
Short Name
FTP:OVERFLOW:EASY-FTP-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
FTP
Keywords
Buffer Command Easy FTP Overflow Server bid:42469
Release Date
08/20/2010
Supported Platforms
srx-branch-12.3
srx-branch-19.3
vsrx3bsd-19.2
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
srx-19.4
srx-12.3
vsrx-19.2
srx-19.3
vmx-19.4
mx-12.3
mx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
Sigpack Version
3735
False Positive
Unknown
Vendors
Easy_ftp_server