Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: FTP --> Category: infos

ProFTPd ASCII upload overflow Vulnerability Scan


Vulnerability Scan Summary
Checks the remote ProFTPD version

Detailed Explanation for this Vulnerability Test

The remote host is running a version of ProFTPd which seems
to be vulnerable to a buffer overflow when a user downloads
a malformed ASCII file.

A possible hacker with upload rights on this host may abuse this
flaw to gain a root shell on this host.

*** The author of ProFTPD did not increase the version number
*** of his product when fixing this issue, so it might be false
*** positive.

Solution : Upgrade to ProFTPD 1.2.9 when available or to 1.2.8p
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.