FTP: Username Too Long

This protocol anomaly is a username in an FTP connection that exceeds the length threshold. This can be an attempt to overflow the server. Default value: 32. You can set the FTP username length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > FTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under FTP, click the Show button. Set the Maximum Username length to the new value and click OK.

Extended Description

Such conditions could indicate a configuration or implementation error, or it could indicate that an attack against FTP servers or clients is underway.

Short Name
FTP:OVERFLOW:USERNAME-2-LONG
Severity
Major
Recommended
True
Recommended Action
Drop
Category
FTP
Keywords
CVE-1999-0256 CVE-1999-1510 CVE-1999-1514 CVE-1999-1519 CVE-1999-1539 CVE-2000-0479 CVE-2000-0656 CVE-2000-0761 CVE-2000-0943 CVE-2000-1194 CVE-2001-0256 CVE-2001-0794 CVE-2001-0826 CVE-2002-0126 CVE-2002-1522 CVE-2003-0271 CVE-2004-0286 CVE-2004-0695 CVE-2005-0634 CVE-2005-3683 CVE-2006-0441 CVE-2006-2212 CVE-2010-1938 CVE-2013-5680 CVE-2015-7767 bid:10078 bid:10720 bid:12155 bid:13396 bid:15457 bid:16370 bid:17835 bid:22045 bid:22944 bid:45181 bid:49427 ftp
Release Date
08/27/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3672
False Positive
Frequently
CVSS Score

7.5

9.3

6.8

10.0

5.0

Found a potential security threat?