Lucene search
This script is Copyright (C) 2003 Digital Defense, Inc.OPENVAS:11205HistoryNov 03, 2005 - 12:00 a.m.
War FTP Daemon CWD/MKD Buffer Overflow
2005-11-0300:00:00
This script is Copyright (C) 2003 Digital Defense, Inc.
plugins.openvas.org
13
0.012 Low
EPSS
Percentile
83.8%
The version of the War FTP Daemon running on this host is vulnerable to a
buffer overflow attack. This is due to improper bounds checking within the
code that handles both the CWD and MKD commands. By exploiting this
vulnerability, it is possible to crash the server, and potentially run
arbitrary commands on this system.
# OpenVAS Vulnerability Test
# $Id: DDI_warftpd_cwd_overflow.nasl 6040 2017-04-27 09:02:38Z teissa $
# Description: War FTP Daemon CWD/MKD Buffer Overflow
#
# Authors:
# Erik Tayler <[email protected]>
#
# Copyright:
# Copyright (C) 2003 Digital Defense, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
tag_summary = "The version of the War FTP Daemon running on this host is vulnerable to a
buffer overflow attack. This is due to improper bounds checking within the
code that handles both the CWD and MKD commands. By exploiting this
vulnerability, it is possible to crash the server, and potentially run
arbitrary commands on this system.";
tag_solution = "Visit the following link and download the latest version of WarFTPd:
ftp://ftp.jgaa.com/pub/products/Windows/WarFtpDaemon/";
if(description)
{
script_id(11205);
script_version("$Revision: 6040 $");
script_tag(name:"last_modification", value:"$Date: 2017-04-27 11:02:38 +0200 (Thu, 27 Apr 2017) $");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_bugtraq_id(966);
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_cve_id("CVE-2000-0131");
name = "War FTP Daemon CWD/MKD Buffer Overflow";
script_name(name);
summary = "War FTP Daemon CWD/MKD Buffer Overflow";
script_category(ACT_ATTACK);
script_tag(name:"qod_type", value:"remote_banner");
script_copyright("This script is Copyright (C) 2003 Digital Defense, Inc.");
family = "FTP";
script_family(family);
script_require_ports("Services/ftp", 21);
script_dependencies("find_service_3digits.nasl");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
exit(0);
}
include("ftp_func.inc");
port = get_kb_item("Services/ftp");
if(!port)port = 21;
if(get_port_state(port))
{
r = get_ftp_banner(port:port);
if(!r)exit(0);
if(("WAR-FTPD 1.66x4" >< r) || ("WAR-FTPD 1.67-03" >< r))
{
security_message(port);
}
}
Related
nessus
nessus
WarFTPd CWD/MKD Command Overflow
2003-01-22 00:00:00
cvelist
cvelist
CVE-2000-0131
2000-04-18 04:00:00
CVE-2007-1567
2007-03-21 21:00:00
cve
cve
CVE-2000-0131
2000-02-01 05:00:00
CVE-2007-1567
2007-03-21 21:19:00
openvas
openvas
War FTP Daemon CWD/MKD Buffer Overflow
2005-11-03 00:00:00
prion
prion
Stack overflow
2007-03-21 21:19:00