FTP: uftpd FTP Server PORT Command Handling Stack Buffer Overflow

This signature detects attempts to exploit a known vulnerability against uftpd FTP server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the service.

Extended Description

In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11

Affected Products

Troglobit uftpd

References

CVE: CVE-2020-5204

Short Name
FTP:OVERFLOW:UFTPD-PORT-CMD-SBO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
FTP
Keywords
Buffer CVE-2020-5204 Command FTP Handling Overflow PORT Server Stack uftpd
Release Date
04/09/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Troglobit

CVSS Score

6.5

Found a potential security threat?