Nessus ftp_log_in Overflow

2003-05-23T00:00:00
ID OSVDB:3191
Type osvdb
Reporter OSVDB
Modified 2003-05-23T00:00:00

Description

Vulnerability Description

Nessus contains a flaw that allows a local user to cause a denial of service against the scanner. The flaw is in the Nessus Attack Scripting Language (NASL) engine and is exposed when the "plugins_upload" option is enabled. A local attacker can pass a long "user" or "pass" argument to the ftp_log_in() function and crash the NASL engine.

Technical Description

This attack requires the local user to have a valid Nessus account.

Solution Description

Upgrade to version 2.0.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Secunia Advisory ID: 8842
Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2003-05/0250.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-05/0243.html
ISS X-Force ID: 12059
CVE-2003-0373