GEN:SID | 1:1728 |
Message | FTP CWD ~ attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in the ftp server included with version 2.6 of the Sun Solaris operating system.
|
Impact | Serious.
|
Detailed Information | An error in the ftp daemon supplied with version 2.6 of Sun's Solaris operating system can cause the daemon to overflow a buffer and generate a core file that is world readable.
The attacker may also be able to fill the disk partition by generating core files.
|
Affected Systems | Sun Solaris 2.6
|
Attack Scenarios | An attacker can use a non-standard ftp client or initiate a session with the ftp server and issue a CWD ~ command. The attacker may then be able to read the core file and recover usernames and passwords for other users on the system
|
Ease of Attack | Simple
|
Corrective Action | Apply the appropriate vendor supplied patches
Upgrade to the latest non-affected version of the software
|
Additional References | |
Rule References | bugtraq: 2601
cve: 2001-0421
|