FTP: Pablo FTP Server Format String DoS
This signature detects attempts to exploit a known vulnerability in the Pablo FTP Server. Versions 1.2, 1.3, and 1.5 running on Windows 2000 are vulnerable. Because the FTP server improperly parses format string characters, attackers can supply a maliciously crafted username to execute arbitrary code and crash the server.
Extended Description
A format string vulnerability has been reported in Pablo Software Solutions FTP Server. The vulnerability occurs due to inadequate checking of user-supplied input for the login credentials. An attacker can exploit this vulnerability by logging into the FTP server with a username that includes malicious format specifiers. This may result in memory being overwritten by remote attackers, possibly to execute arbitrary code. Attacker-supplied code will be executed with the privileges of the FTP server.
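The following detection sketch is an added example, not the signature's own logic or code from the vendor. It flags printf-style conversion specifiers in the argument of FTP login commands. Checking `PASS` as well as `USER`, the function names, and the sample lines are assumptions made for illustration.

```python
import re

# One printf-style conversion: optional positional argument, flags, width,
# precision and length modifier, then the conversion character.
_CONVERSION = re.compile(
    r"%(?:\d+\$)?[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?"
    r"(?:hh|h|ll|l|L|q|j|z|t)?[diouxXeEfFgGaAcspn]"
)

def format_specifiers(text):
    """Return the conversions found in text; a literal '%%' is not one."""
    return [m.group(0) for m in _CONVERSION.finditer(text.replace("%%", ""))]

def inspect_ftp_line(line):
    """Return (verb, specifiers) for a suspicious login command, else None."""
    verb, _, arg = line.rstrip("\r\n").partition(" ")
    verb = verb.upper()  # FTP command verbs are case-insensitive
    if verb not in ("USER", "PASS"):  # assumption: only login commands matter
        return None
    found = format_specifiers(arg)
    return (verb, found) if found else None

def scan(lines):
    """Return (line_number, verb, specifiers) for every flagged line."""
    alerts = []
    for number, line in enumerate(lines, start=1):
        hit = inspect_ftp_line(line)
        if hit:
            alerts.append((number, hit[0], hit[1]))
    return alerts

# Constructed FTP control-channel lines, not captured traffic.
SAMPLE = [
    "USER anonymous\r\n",
    "PASS guest@example.com\r\n",
    "USER %x%x%x%x\r\n",
    "user back%%up\r\n",          # escaped percent sign, not a conversion
    "USER %08x.%n\r\n",
    "RETR 100%done.txt\r\n",      # not a login command, ignored
]

if __name__ == "__main__":
    for number, verb, specs in scan(SAMPLE):
        print(f"line {number}: {verb} argument contains {specs}")
```

A percent sign followed by a space and a conversion letter also matches, so a deployment that allows such characters in usernames would need an allowlist on top of this check.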
Affected Products
Pablo_software_solutions ftp_service
References
BugTraq: 6099
CVE: CVE-2002-1244
URL: http://www.pablosoftwaresolutions.com/
URL: http://www.securiteam.com/windowsntfocus/6G0031F60Y.html
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Pablo_software_solutions
7.5