Lucene search
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.HUMMINGBIRD_FTPD_OVERFLOW.NASLHistoryMay 30, 2005 - 12:00 a.m.
Hummingbird InetD FTP Component (ftpdw.exe) Command Overflow
2005-05-3000:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
65
According to its banner, the ftpd daemon installed on the remote host is from the Hummingbird Connectivity suite and suffers from a buffer overflow vulnerability. An attacker can crash the daemon and possibly execute arbitrary code remotely within the context of the affected service.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description) {
script_id(18402);
script_version("1.16");
script_cve_id("CVE-2005-1815");
script_bugtraq_id(13790);
script_name(english:"Hummingbird InetD FTP Component (ftpdw.exe) Command Overflow");
script_set_attribute(attribute:"synopsis", value:
"The remote FTP server is affected by a buffer overflow vulnerability." );
script_set_attribute(attribute:"description", value:
"According to its banner, the ftpd daemon installed on the remote host
is from the Hummingbird Connectivity suite and suffers from a buffer
overflow vulnerability. An attacker can crash the daemon and possibly
execute arbitrary code remotely within the context of the affected
service." );
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?83df6392" );
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch referenced in the vendor advisory above." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Hummingbird Connectivity 10 SP5 LPD Buffer Overflow');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2005/05/30");
script_set_attribute(attribute:"vuln_publication_date", value: "2005/05/18");
script_cvs_date("Date: 2018/07/12 19:01:15");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_summary(english:"Checks for buffer overflow vulnerability in Hummingbird ftpd");
script_category(ACT_GATHER_INFO);
script_family(english:"FTP");
script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
script_dependencie("ftpserver_detect_type_nd_version.nasl");
script_require_ports("Services/ftp", 21);
exit(0);
}
include("ftp_func.inc");
port = get_ftp_port(default: 21);
# Use a banner check; it's not configurable.
banner = get_ftp_banner(port:port);
if (
banner &&
egrep(string:banner, pattern:"^220[- ] .+HCLFTPD\) Version ([0-9]\.|10\.0\.0\.0)\)")
) security_hole(port);
Related
saint
saint
Hummingbird InetD LPD buffer overflow
2005-11-29 00:00:00
Hummingbird InetD LPD buffer overflow
2005-11-29 00:00:00
Hummingbird InetD LPD buffer overflow
2005-11-29 00:00:00
cve
cve
CVE-2005-1815
2005-06-01 04:00:00
checkpoint_advisories
checkpoint_advisories
Hummingbird InetD LPD Component Buffer Overflow (CVE-2005-1815)
2010-03-24 00:00:00
nessus
nessus
Hummingbird InetD LPD Component (Lpdw.exe) Data Overflow
2005-05-30 00:00:00
packetstorm
packetstorm
Hummingbird Connectivity 10 SP5 LPD Buffer Overflow
2009-11-26 00:00:00
Related for HUMMINGBIRD_FTPD_OVERFLOW.NASL