Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 FTP:OVERFLOW:ASCII-WRITE

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 FTP

Keywords

 ProFTP ASCII Off By Two Overflow

Release Date

 2005/09/28

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

FTP: ProFTP ASCII Off By Two Overflow


This signature detects an attempt to exploit an off-by-two vulnerability in ProFTP. This vulnerability can lead to arbitrary remote code execution within the context of the ftp server. Exploits are publicly available.

Extended Description

A remotely exploitable buffer overrun was reported in ProFTPD. This issue is due to insufficient bounds checking of user-supplied data in the '_xlate_ascii_write()' function, permitting an attacker to overwrite two bytes of memory adjacent to the affected buffer. The attacker may be able to exploit this to execute arbitrary code in the context of the server. The attacker may trigger this issue by submitting a RETR command to the server.

Affected Products

  • Debian linux 2.2.0
  • Debian linux 2.2.0 68k
  • Debian linux 2.2.0 alpha
  • Debian linux 2.2.0 arm
  • Debian linux 2.2.0 IA-32
  • Debian linux 2.2.0 Powerpc
  • Proftpd_project proftpd 1.2.7
  • Proftpd_project proftpd 1.2.8
  • Proftpd_project proftpd 1.2.9 Rc1
  • Proftpd_project proftpd 1.2.9 Rc2
  • Red_hat linux 6.2.0
  • Red_hat linux 6.2.0 Alpha
  • Red_hat linux 6.2.0 E Alpha
  • Red_hat linux 6.2.0 E I386
  • Red_hat linux 6.2.0 E Sparc
  • Red_hat linux 6.2.0 I386
  • Red_hat linux 6.2.0 Sparc
  • Red_hat linux 6.2.0 sparcv9
  • Red_hat linux 7.1.0
  • Red_hat linux 7.1.0 Alpha
  • Red_hat linux 7.1.0 alphaev6
  • Red_hat linux 7.1.0 I386
  • Red_hat linux 7.1.0 i586
  • Red_hat linux 7.1.0 i686
  • Red_hat linux 7.1.0 Ia64
  • Red_hat linux 7.1.0 iseries
  • Red_hat linux 7.1.0 k i386
  • Red_hat linux 7.1.0 noarch
  • Red_hat linux 7.1.0 pseries
  • Red_hat linux 7.2.0
  • Red_hat linux 7.2.0 alpha
  • Red_hat linux 7.2.0 athlon
  • Red_hat linux 7.2.0 I386
  • Red_hat linux 7.2.0 i586
  • Red_hat linux 7.2.0 i686
  • Red_hat linux 7.2.0 Ia64
  • Red_hat linux 7.2.0 noarch
  • Red_hat linux 7.3.0
  • Red_hat linux 7.3.0 I386
  • Red_hat linux 7.3.0 I686
  • Red_hat linux 8.0.0
  • Red_hat linux 8.0.0 I386
  • Red_hat linux 8.0.0 I686
  • Red_hat linux 9.0.0 I386
  • Turbolinux appliance_server 1.0.0 Workgroup Edition
  • Turbolinux appliance_server_workgroup_edition 1.0.0
  • Turbolinux turbolinux_server 7.0.0
  • Turbolinux turbolinux_server 8.0.0
  • Turbolinux turbolinux_workstation 7.0.0
  • Turbolinux turbolinux_workstation 8.0.0

References

  • BugTraq: 9782
  • CVE: CVE-2004-0346

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out