NetBSD ftpd STAT Command Firewall State Table Corruption DoS

2002-11-20T00:00:00
ID OSVDB:20754
Type osvdb
Reporter Internet Initiative Japan Inc.
Modified 2002-11-20T00:00:00

Description

Vulnerability Description

NetBSD contains a flaw that may allow an attacker to corrupt state tables in intermediate firewall devices via the STAT command in ftpd. The issue is triggered when the specified filename contains "\n[0-9]", that is, a newline followed by a digit. The flaw may result in a loss of integrity and/or availability.

Solution Description

Upgrade to version 1.6.1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: update the source in libexec/ftp using CVS and compile a new ftpd binary.
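
The trigger described above is a reply body line that begins with a digit. As an added example (not NetBSD's code or its actual patch), the C code below formats a STAT-style multi-line reply with the leading-space padding that RFC 959 section 4.2 requires for such lines, and counts the body lines a line-based parser could misread. The reply layout, the function names and the sample filename are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Build a multi-line 211 reply around name (hypothetical layout). With pad set,
 * a body line starting with a digit gets a leading space. 0 = buffer too small. */
size_t build_stat_reply(char *out, size_t outsz, const char *name, int pad)
{
    int k = snprintf(out, outsz, "211-status of ");
    if (k < 0 || (size_t)k >= outsz) return 0;
    size_t n = (size_t)k;
    int bol = 0;                       /* name starts mid-line */
    for (; *name != '\0'; name++) {
        if (n + 3 >= outsz) return 0;
        if (bol && pad && isdigit((unsigned char)*name))
            out[n++] = ' ';
        if (*name == '\n')
            out[n++] = '\r';           /* embedded newline goes out as CRLF */
        out[n++] = *name;
        bol = (*name == '\n');
    }
    k = snprintf(out + n, outsz - n, "\r\n211 End of Status\r\n");
    return (k < 0 || (size_t)k >= outsz - n) ? 0 : n + (size_t)k;
}

/* Count body lines (first and last excluded) that start with a digit, i.e.
 * lines a line-based parser on the path could take for a separate reply. */
int ambiguous_lines(const char *reply)
{
    int count = 0;
    for (const char *p = strchr(reply, '\n'); p && p[1]; p = strchr(p + 1, '\n')) {
        const char *next = strchr(p + 1, '\n');
        count += next && next[1] && isdigit((unsigned char)p[1]);
    }
    return count;
}

int ambiguous_for(const char *name, int pad)   /* -1 if the reply did not fit */
{
    char buf[256];
    return build_stat_reply(buf, sizeof buf, name, pad) ? ambiguous_lines(buf) : -1;
}

int main(void)
{
    const char *n = "report\n2002 notes.txt";      /* constructed sample */
    printf("unpadded=%d padded=%d\n", ambiguous_for(n, 0), ambiguous_for(n, 1));
    return 0;
}
```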

References:

Vendor Specific Advisory URL
CERT VU: 328867