Lucene search
Copyright (C) 2002 Michael ScheidellOPENVAS:136141256231011185HistoryNov 03, 2005 - 12:00 a.m.
vxworks ftpd buffer overflow
2005-11-0300:00:00
Copyright (C) 2002 Michael Scheidell
plugins.openvas.org
31
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.105
Percentile
95.1%
It might be possible to make the remote FTP server
crash by issuing this command :
CEL aaaa(…)aaaa
This problem is similar to the
# SPDX-FileCopyrightText: 2002 Michael Scheidell
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.11185");
script_version("2023-08-01T13:29:10+0000");
script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cve_id("CVE-2002-2300");
script_name("vxworks ftpd buffer overflow");
script_category(ACT_GATHER_INFO);
script_family("FTP");
script_copyright("Copyright (C) 2002 Michael Scheidell");
script_dependencies("ftpserver_detect_type_nd_version.nasl");
script_require_ports("Services/ftp", 21);
script_mandatory_keys("ftp/vxftpd/detected");
script_xref(name:"URL", value:"http://www.kb.cert.org/vuls/id/317417");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/6297");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/7480");
script_xref(name:"URL", value:"http://www.secnap.net/security/nbx001.html");
script_tag(name:"solution", value:"If you are using an embedded vxworks
product, please contact the OEM vendor and reference WindRiver field patch
TSR 296292. If this is the 3com NBX IP Phone call manager, contact 3com.");
script_tag(name:"affected", value:"This affects VxWorks ftpd versions 5.4 and 5.4.2.");
script_tag(name:"summary", value:"It might be possible to make the remote FTP server
crash by issuing this command :
CEL aaaa(...)aaaa
This problem is similar to the 'aix ftpd' overflow
but on embedded vxworks based systems like the 3com
nbx IP phone call manager and seems to cause the server
to crash.");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("ftp_func.inc");
include("misc_func.inc");
include("port_service_func.inc");
port = ftp_get_port(default:21);
banner = ftp_get_banner(port: port);
if(!banner)
exit(0);
#VxWorks (5.4) FTP server ready
#220 VxWorks (5.4.2) FTP server ready
#above affected,
# below MIGHT be ok:
#220 VxWorks FTP server (VxWorks 5.4.2) ready
# and thus the banner check may be valid
# for some reason, escaping the parens causes a login failure here
# (5.4) or (5.4.[1-2])
if(egrep(pattern:".*xWorks .(5\.4.|5\.4\.[1-2])[^0-9].*FTP", string:banner)){
security_message(port:port);
exit(0);
}
exit(99);
Related
openvas
openvas
vxworks ftpd buffer overflow Denial of Service
2005-11-03 00:00:00
vxworks ftpd buffer overflow Denial of Service
2005-11-03 00:00:00
vxworks ftpd buffer overflow
2005-11-03 00:00:00
nessus
nessus
3Com NBX ftpd CEL Command Remote Overflow (1)
2002-12-02 00:00:00
3Com NBX ftpd CEL Command Remote Overflow (2)
2002-12-02 00:00:00
cvelist
cvelist
CVE-2002-2300
2007-10-18 10:00:00
nvd
nvd
CVE-2002-2300
2002-12-31 05:00:00
exploitdb
exploitdb
3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service
2002-12-02 00:00:00
cve
cve
CVE-2002-2300
2007-10-18 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.105
Percentile
95.1%
Related for OPENVAS:136141256231011185