Signature Detail

FTP: 3CDaemon Path Disclosure

This signature detects attempts to exploit a known vulnerability against FTP 3CDaemon. Attackers can use the 3CDaemon to disclose information; for example, a full path.

Extended Description

3CDaemon is reportedly prone to multiple vulnerabilities. These issues may allow an attacker to crash the application, disclose sensitive information, and potentially execute arbitrary code on a vulnerable computer. The following specific issues were identified: Multiple format string vulnerabilities are reported to affect the application. These issues may allow an attacker to cause a denial of service condition or write to arbitrary process memory and potentially execute code. Multiple buffer overflow vulnerabilities affect the application as well. These issues may allow remote attackers to execute arbitrary code on a vulnerable computer or crash the application. 3CDaemon also discloses sensitive information when a request for certain MS-DOS device names is carried out. This type of sensitive information may be used in further attacks against the computer. 3CDaemon 2.0 revision 10 is reported prone to these vulnerabilities, however, other versions may also be affected.

Affected Products

• 3com 3cdaemon 2.0.0 revision 10

References

• BugTraq: 12155
• CVE: CVE-2005-0278
• URL: http://marc.theaimsgroup.com/?l=bugtraq&m=110485674622696&w=2