Short Name |
FTP:SERVU:CHMOD-OVERFLOW |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
ServU CHMOD Filename Overflow |
Release Date |
2004/03/10 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the ServU FTP server CHMOD command. The CHMOD command is typically used to change server file permissions. Attackers can send an overly long filename argument to the CHMOD command to execute arbitrary code with system privileges.
RhinoSoft Serv-U FTP Server is prone to a remote post-authentication buffer-overflow vulnerability. The vulnerability occurs when a malicious filename argument is passed to the SITE CHMOD command. The immediate consequences of this issue may be a denial of service. An attacker may be able to leverage this condition to execute arbitrary code in the context of the affected service, but this has not been confirmed.