FTP: Line Too Long
This protocol anomaly indicates an incoming FTP line that is too long. This can indicate an attempt to overflow the server. Default value: 1024. You can set the FTP line length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > FTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under FTP, click the Show button. Set the Maximum Line Length to the new value and click OK.
Extended Description
BisonFTP Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the application. Failed attacks may cause a denial-of-service condition. BisonFTP Server versions 3.5 and prior are affected.
Affected Products
Bisonftp bisonftp_server
References
BugTraq: 15998 36128 9483 49109 15457
CVE: CVE-2013-4730
URL: http://www.faqs.org/rfcs/rfc959.html http://secpod.org/msf/bison_server_bof.rb
Short Name
FTP:OVERFLOW:LINE-TOO-LONG
Severity
Major
Recommended
True
Recommended Action
Drop
Category
FTP
Keywords
CVE-1999-1510 CVE-2004-2111 CVE-2005-3683 CVE-2005-4459 CVE-2007-0217 CVE-2009-3976 CVE-2013-4730 CVE-2019-18217 Line Long Too bid:15457 bid:15998 bid:36128 bid:49109 bid:9483
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3660
False Positive
Unknown
Vendors
Bisonftp
CVSS Score
10.0
5.0