FTP: Username Format String Attack

This signature detects format string characters sent to an FTP server as a username. This can be an indication of an attempt to exploit a vulnerability in the FTP server.

Extended Description

A vulnerability has been reported for Crob FTP Server. The problem occurs due to invalid format specifiers used when displaying a user-supplied username. As a result, it may be possible for an attacker to embed format specifiers within a malicious username. Successful exploitation of this vulnerability would allow an attacker to overwrite arbitrary locations in memory, ultimately allowing for the execution of arbitrary code. All commands executed in this manner would be run with the privileges of the Crob FTP Server.
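An added example (not the vendor's signature logic and not code from this page): a minimal check for printf-style conversion specifiers in the argument of the FTP USER command, of the kind the description above refers to. The function names, verdict labels and sample lines are assumptions made for illustration.

```python
import re

# One printf-style token: either the literal "%%" or a conversion of the form
# %[n$][flags][width][.precision][length]conversion
FORMAT_TOKEN = re.compile(
    r"%(?:%|(?:\d+\$)?[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*))?"
    r"(?:hh|h|ll|l|L|q|j|z|t)?([diouxXeEfgGaAcspn]))"
)

def parse_user_argument(line: bytes):
    """Return the USER argument from one FTP control-channel line, else None."""
    text = line.decode("latin-1").rstrip("\r\n")
    verb, _, arg = text.partition(" ")
    if verb.upper() != "USER":  # FTP command verbs are case-insensitive
        return None
    return arg

def inspect_line(line: bytes):
    """Return None (not USER, or clean), 'suspicious', or 'write-primitive'."""
    user = parse_user_argument(line)
    if user is None:
        return None
    # group(1) is None for "%%", which printf emits as a literal percent sign
    conversions = [m.group(1) for m in FORMAT_TOKEN.finditer(user) if m.group(1)]
    if not conversions:
        return None
    # %n makes printf store a count through a pointer argument, so rank it higher
    return "write-primitive" if "n" in conversions else "suspicious"

def scan(lines):
    """Return (index, verdict) for every flagged line in a captured session."""
    return [(i, v) for i, l in enumerate(lines) if (v := inspect_line(l))]

# Constructed sample control-channel lines, not captured traffic
SAMPLE = [
    b"USER anonymous\r\n",
    b"user %x%x%x%x\r\n",
    b"USER 100%%sure\r\n",
    b"USER %7$n\r\n",
    b"PASS %s\r\n",
    b"USER bob%\r\n",
]

if __name__ == "__main__":
    for index, verdict in scan(SAMPLE):
        print(index, verdict, SAMPLE[index])
```
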

Affected Products

Crob crob_ftp_server

Short Name: FTP:USER:FORMAT-STRING
Severity: Minor
Recommended: False
Recommended Action: None
Category: FTP
Keywords: Attack Format String Username bid:7776
Release Date: 10/08/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Crob
