Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: FTP --> Category: mixed

FTPD glob Heap Corruption Vulnerability Scan

Vulnerability Scan Summary
Check if the remote FTPD s vulnerable to a glob heap corruption vulnerability

Detailed Explanation for this Vulnerability Test

The FTPD glob vulnerability manifests itself in handling of the glob command.
The problem is not a typical buffer overflow or format string vulnerability,
but a combination of two bugs: an implementation of the glob command that does not
properly return an error condition when interpreting the string ~{,
and then frees memory which may contain user supplied data. This
vulnerability is potentially exploitable by any user who is able to log in to
a vulnerable server, including users with anonymous access. If successful, an
attacker may be able to execute arbitrary code with the rights of FTPD,
typically root.

Solution : Contact your vendor for a fix
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.