GEN:SID | 1:2338 |
Message | FTP LIST buffer overflow attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in GtkFtpd.
|
Impact | Execution of arbitrary code. Possible unauthorized root access.
|
Detailed Information | GtkFtpd fails to perform sufficient checks on user supplied data to the daemon. An attacker may exploit this vulnerability to execute code of their choosing as the root user. This may also lead to remote root access to the server.
|
Affected Systems | GtkFtpd 1.0.2, 1.0.3 and 1.0.4
|
Attack Scenarios | An attacker may use a publicly available exploit script to take advantage of the vulnerability.
|
Ease of Attack | Simple. Exploit code exists.
|
Corrective Action | Apply the appropriate vendor supplied patches.
Upgrade to the latest non-affected version of the software.
Use scp/sftp as an alternative to ftp.
|
Additional References | |
Rule References | cve: 1999-0349
bugtraq: 9675
bugtraq: 8486
bugtraq: 7861
bugtraq: 7251
bugtraq: 6869
bugtraq: 10181
cve: 1999-1510
cve: 2000-0129
url: www.microsoft.com/technet/security/bulletin/MS99-003.mspx
|