KTH Kerberos 4 FTP Client PASV Execute Arbitrary Code

2002-04-24T00:00:00
ID OSVDB:4897
Type osvdb
Reporter Marcell Fodor(m.fodor@mail.datanet.hu)
Modified 2002-04-24T00:00:00

Description

Vulnerability Description

A remote overflow exists in KTH Kerberos 4 FTP Client. The FTP Client fails to do proper bounds checking while receiving a server response to a client request for passive mode, resulting in a heap overflow. By impersonating an FTP Server, an attacker can trigger the overflow on the FTP Client, resulting in a loss of integrity.

Solution Description

Upgrade to version 1.2.2 or higher, as it has been reported to fix this flaw as well as others. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in KTH Kerberos 4 FTP Client. The FTP Client fails to do proper bounds checking while receiving a server response to a client request for passive mode, resulting in a heap overflow. By impersonating an FTP Server, an attacker can trigger the overflow on the FTP Client, resulting in a loss of integrity.

References:

Vendor URL: http://www.pdc.kth.se/kth-krb/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-04/0339.html ISS X-Force ID: 8938 CVE-2002-0600 Bugtraq ID: 4592