|
Family: FTP --> Category: destructive_attack
BSD ftpd setproctitle() format string Vulnerability Scan
Vulnerability Scan Summary Checks if the remote ftpd is vulnerable to format string attacks
Detailed Explanation for this Vulnerability Test
The remote FTP server misuses the function setproctitle() and
may allow a possible hacker to gain a root shell on this host by
logging in as 'anonymous' and providing a carefully crafted
format string as its email address.
Solution : upgrade your FTP server.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|