FTP: ProFTPD MKD Off-By-One
This signature detects attempts to exploit a known vulnerability against ProFTPD. Versions 1.3.0rc3 are vulnerable. Attackers can upload crafted .message files to a vulnerable server and trigger the off-by-one by causing the ftp server to display the file. A successful attack can result in exploitation of arbitrary code.
Extended Description
ProFTPD is prone to a remote buffer-overflow vulnerability. This issue is due to an off-by-one error, allowing attackers to corrupt memory. Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the server application, facilitating the compromise of affected computers. ProFTPD versions prior to 1.3.0a are vulnerable to this issue. Update: This BID was recently updated to state that 'CommandBufferSize' was affected by a denial-of-service issue, but according to the vendor, that directive is not vulnerable.
Affected Products
Openpkg openpkg
Short Name
FTP:PROFTP:OFF-BY-ONE
Severity
Minor
Recommended
False
Recommended Action
None
Category
FTP
Keywords
CVE-2006-5815 MKD Off-By-One ProFTPD bid:20992
Release Date
03/19/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Occasionally
Vendors
Proftpd_project
Gentoo
Trustix
Openpkg
Turbolinux
Mandriva
Slackware
Libpng
Debian
CVSS Score
10.0