Short Name |
FTP:EXPLOIT:GLFTPD-KAKAKA |
---|---|
Severity |
Major |
Recommended |
No |
Category |
FTP |
Keywords |
GLftpd Administrator Account Compromise |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against GLftpd. Attackers can use a maliciously crafted FTP session to execute arbitrary commands on the host as the administrative user.
A vulnerabilty has been discovered in Archimede's glftpd which may allow an unauthorized user to obtain root privileges. When adding a 'oneliner' string on the FTP server, root privileges are required to update the global FTP file 'oneliners'. It has been reported that glftpd fails to effectively drop privileges after updating the said file. Exploitation of this issue may allow an attacker to obtain an effective user identification of 'root'. It should be noted that the user would still be contained within the established FTP chroot environment.