A buffer overflow vulnerability was found in Golden FTP Server version 2.52, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the log parsing functionality: when it handles entries in the "gftppro.log" file, an overly long argument passed to the "USER" FTP command can cause a stack-based buffer overflow. An example of such a buffer overflow attack is shown below:
char userreq[] =
"USER "
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
Successful exploitation could allow attackers to execute arbitrary code.
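The boundary error described above, shown as an added C example that is not Golden FTP Server's code and not part of the original advisory: an unchecked copy of the "USER" argument next to a length-checked version. The 64-byte buffer size, the function names and the sample log line are assumptions, since the advisory gives neither the real buffer size nor the "gftppro.log" entry format.

```c
#include <stdio.h>
#include <string.h>

#define USER_MAX 64   /* assumed capacity; the real buffer size is not stated in the advisory */

/* Bug class only (hypothetical, not the product's code): the argument length
 * is never compared with the size of the destination buffer. */
void parse_user_unsafe(const char *line, char out[USER_MAX])
{
    const char *p = strstr(line, "USER ");
    if (p) strcpy(out, p + 5);        /* writes past out when the argument is >= USER_MAX bytes */
}

/* Hardened form: measure the argument first and refuse oversize input.
 * Returns 0 on success, -1 if no USER command is found, -2 if the argument is too long. */
int parse_user_safe(const char *line, char *out, size_t outsz)
{
    const char *p;
    size_t n;

    if (line == NULL || out == NULL || outsz == 0) return -1;
    out[0] = '\0';
    p = strstr(line, "USER ");
    if (p == NULL) return -1;
    p += 5;                           /* skip "USER " */
    n = strcspn(p, "\r\n");           /* argument runs to the end of the line */
    if (n >= outsz) return -2;        /* reject instead of truncating, so the entry can be flagged */
    memcpy(out, p, n);
    out[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample entry; the real log format is not given in the advisory. */
    char out[USER_MAX];
    int rc = parse_user_safe("[constructed] USER anonymous\r\n", out, sizeof out);
    printf("rc=%d user=%s\n", rc, out);
    return 0;
}
```

Returning a distinct code for the oversize case lets the caller log or alert on the entry instead of silently storing a truncated name.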
Golden FTP Server Pro version 2.52 (10.04.2005) and prior are known to be affected.
BroadWeb Security Service Team (BSST) has released the countermeasure signatures in signature version 2.89, which includes:
# 1051915_EXPLOIT Golden FTP Server Pro Remote "USER" Command Overflow
NetKeeper users are urged to upgrade their signature patterns to version 2.89 or later in order to thwart these attacks.
(BSST, Broadweb Security Service Team)