Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
FTP:MS-FTP:MAL-CHARS-FTP-REQ |
|---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Malicious Characters In FTP Request Detected |
Release Date |
2010/12/22 |
Update Number |
1837 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
FTP: Malicious Characters In FTP Request Detected
This signature detects attempts to exploit a remote FTP server. Attacker can send malformed characters in FTP request. A successful attack can lead to arbitrary remote code execution within the context of the server or denial of service condition.
Extended Description
Microsoft IIS is prone to a buffer-overflow vulnerability affecting the application's FTP service. Successful exploits may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely crash the FTP service, resulting in denial-of-service conditions. IIS 7.5 is vulnerable; other versions may also be affected.
Affected Products
- Avaya aura_conferencing 6.0.0 Standard
- Microsoft iis 7.0
- Microsoft iis 7.5
References
- BugTraq: 45542
- CVE: CVE-2010-3972
- CVE: CVE-2012-5002
- URL: http://www.inshell.net/2012/03/ricoh-dc-software-dl-10-ftp-server-sr10-exe-remote-buffer-overflow-vulnerability/
- URL: http://www.exploit-db.com/exploits/15803/
- URL: http://blogs.technet.com/b/srd/archive/2010/12/22/assessing-an-iis-ftp-7-5-unauthenticated-denial-of-service-vulnerability.aspx
- URL: http://secunia.com/advisories/47912