Short Name |
FTP:COMMAND:WS_FTP-CMD-BO |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
WS_FTP Server Command Buffer Overflow |
Release Date |
2011/06/02 |
Update Number |
1931 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects buffer overflow attempts against WS_FTP. Because WS_FTP does not perform sufficient bounds checking on network data before copying the data into process buffers, attackers may remotely execute arbitrary code on the server with the privileges of the user that activated WS_FTP.
Ipswitch WS_FTP Server is reported to be prone to buffer overruns when handling data supplied to the APPE and STAT FTP commands. An FTP user who supplies excessive input to these commands could potentially execute arbitrary code in the context of the server or cause a denial of service.