Juniper Networks

Signature Detail


Short Name: FTP:COMMAND:WS_FTP-CMD-BO
Severity: Minor
Recommended: No
Recommended Action: Drop
Category: FTP
Keywords: WS_FTP Server Command Buffer Overflow
Release Date: 2011/06/02
Update Number: 1931
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

FTP: WS_FTP Server Command Buffer Overflow


This signature detects buffer overflow attempts against WS_FTP. Because WS_FTP does not perform sufficient bounds checking on network data before copying the data into process buffers, attackers may remotely execute arbitrary code on the server with the privileges of the user that activated WS_FTP.

Extended Description

Ipswitch WS_FTP Server is reported to be prone to buffer overruns when handling data supplied to the APPE and STAT FTP commands. An FTP user who supplies excessive input to these commands could potentially execute arbitrary code in the context of the server or cause a denial of service.

Affected Products

  • Ipswitch ws_ftp_server 3.4.0
  • Ipswitch ws_ftp_server 4.0.0
  • Ipswitch ws_ftp_server 4.0.0 1

References

  • BugTraq: 8542
  • BugTraq: 38262
  • CVE: CVE-2003-0772
  • URL: http://paulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/
  • URL: http://paulmakowski.wordpress.com/2010/04/19/metasploit-plugin-for-easyftp-server-exploit
  • URL: http://seclists.org/bugtraq/2010/Feb/202
