Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 FTP:SERVU:MDTM-OVERFLOW

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 FTP

Keywords

 Serv-U MDTM TimeZone Overflow

Release Date

 2004/03/10

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

FTP: Serv-U MDTM TimeZone Overflow


This signature detects attempts to exploit a known vulnerability in the ServU FTP server MDTM command. The MDTM command is typically used to change the file timestamp on the server. Attackers can send a maliciously crafted timezone argument to the MDTM command to execute arbitrary code with system privileges.

Extended Description

Serv-U FTP Server has been reported prone to a remote stack based buffer overflow vulnerability when handling time zone arguments passed to the MDTM FTP command. The problem exists due to insufficient bounds checking. Ultimately an attacker may leverage this issue to have arbitrary instructions executed in the context of the SYSTEM user.

Affected Products

  • Rhino_software serv-u 3.0.0
  • Rhino_software serv-u 3.1.0
  • Rhino_software serv-u 4.0.0 .0.4
  • Rhino_software serv-u 4.1.0
  • Rhino_software serv-u 4.1.0 .0.11
  • Rhino_software serv-u 4.2.0

References

  • BugTraq: 9751
  • CVE: CVE-2004-0330
  • CVE: CVE-2001-1021
  • URL: http://marc.theaimsgroup.com/?l=bugtraq&m=107781164214399&w=2
  • URL: http://archives.neohapsis.com/archives/bugtraq/2004-02/0654.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out