FTP: ProFTPD log_xfer() Buffer Overflow (1)
This signature detects attempts to exploit a known vulnerability against the log_xfer() function in ProFTPD. This vulnerability affects ProFTPD versions 1.2.0pre1, pre2, and pre3. Attackers can execute arbitrary code on the target host with administrator privileges.
Extended Description
The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow caused by a sprintf() call in the log_xfer() routine in src/log.c. The vulnerability in 1.2pre4 is a mkdir overflow. The name of the created path cannot exceed 255 characters. 1.2pre6 limits the command buffer size to 512 characters in src/main.c and modifies the fix from 1.2pre4.
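The bounded form of the pattern described above, as an added example that is not ProFTPD's code or this signature's logic. The function names, the log line layout and the sample values are assumptions; only the 255 and 512 character limits come from the description.

```c
#include <stdio.h>
#include <string.h>

#define XFER_PATH_MAX 255  /* path length limit cited in the description */
#define CMD_BUF_MAX   512  /* command buffer cap cited for 1.2pre6 */

/* Accept a control-channel command line only if it fits the capped buffer. */
int command_fits(const char *line)
{
    return strlen(line) <= CMD_BUF_MAX;
}

/* Hypothetical transfer-log formatter (not ProFTPD's log_xfer()).
 * The unsafe pattern is sprintf(out, "%s %ld %s", host, bytes, path):
 * a client-chosen path longer than the buffer writes past its end.
 * Returns 0 on success, -1 if the path is over the limit or the line
 * would not fit; on failure out holds an empty string. */
int format_xfer_line(char *out, size_t outsz, const char *host,
                     long bytes, const char *path)
{
    int n;

    if (outsz == 0)
        return -1;
    out[0] = '\0';
    if (strlen(path) > XFER_PATH_MAX)
        return -1;
    n = snprintf(out, outsz, "%s %ld %s", host, bytes, path);
    if (n < 0 || (size_t)n >= outsz) {   /* truncated: refuse the line */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char line[128], longpath[301];   /* constructed sample input */

    memset(longpath, 'A', 300);
    longpath[300] = '\0';
    printf("%d\n", format_xfer_line(line, sizeof line, "192.0.2.10", 1024L, "/pub/file.txt"));
    printf("%d\n", format_xfer_line(line, sizeof line, "192.0.2.10", 1024L, longpath));
    return 0;
}
```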
Affected Products
Proftpd_project proftpd
References
BugTraq: 612
CVE: CVE-1999-0911
URL: http://www.securityfocus.com/bid/612 http://www.debian.org/security/1999/19990210
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Proftpd_project
10.0