FTP: Password Too Long
This protocol anomaly indicates an FTP client password that exceeds the length threshold. This can indicate a malicious FTP client attempting to overflow the server. Default value: 64. You can set the FTP password length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > FTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under FTP, click the Show button. Set the Maximum Password length to the new value and click OK.
Extended Description
Such conditions could indicate a configuration or implementation error, or it could indicate that an attack against FTP servers or clients is underway.
Short Name
FTP:OVERFLOW:PASS-TOO-LONG
Severity
Major
Recommended
True
Recommended Action
Drop
Category
FTP
Keywords
CVE-1999-0256 CVE-2006-6576 bid:45957 ftp
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
False Positive
Unknown
CVSS Score
7.5