|
Family: FTP --> Category: mixed
bftpd format string vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks if the remote bftpd daemon is vulnerable to a format string attack
Detailed Explanation for this Vulnerability Test
The remote ftp server does not sanitize properly the output
it gets from the NLST command.
It may be possible for a remote attacker to gain root access
thanks to this bug if he can write in any directory served
by this ftp daemon.
Solution : Upgrade your bftpd server to version 1.0.13
Reference : http://online.securityfocus.com/archive/1/149216
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|