|
Family: FTP --> Category: infos
ProFTPd ASCII upload overflow Vulnerability Scan
Vulnerability Scan Summary Checks the remote ProFTPD version
Detailed Explanation for this Vulnerability Test
The remote host is running a version of ProFTPd which seems
to be vulnerable to a buffer overflow when a user downloads
a malformed ASCII file.
A possible hacker with upload rights on this host may abuse this
flaw to gain a root shell on this host.
*** The author of ProFTPD did not increase the version number
*** of his product when fixing this issue, so it might be false
*** positive.
Solution : Upgrade to ProFTPD 1.2.9 when available or to 1.2.8p
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|