Short Name |
FTP:OVERFLOW:PATH-LINUX-X86-3 |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Linux x86 Long Pathname Buffer Overflow (3) |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a realpath vulnerability in ProFTPD and wuFTPd running on LINUX. Versions ProFTPD 1.2pre1 and earlier and wuFTPd 2.4.2 (beta 18) VR9 and earlier are susceptible. Attackers can gain write access, remotely create long pathnames, and overflow the buffer to gain root access.
Successful exploitation of this vulnerability could allow execution of arbitrary code with the same privileges as the ProFTP daemon or wu-ftpd, and also unauthorized access to a vulnerable system.