Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gain root remotely >> Crob FTP Server Buffer Overflow Vulnerabilities


Vulnerability Assessment Details

Crob FTP Server Buffer Overflow Vulnerabilities

Vulnerability Assessment Summary
Checks for multiple buffer overflow vulnerabilities in Crob FTP Server

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote FTP server is prone to multiple buffer overflow attacks.

Description :

The version of Crob FTP Server on the remote host suffers from
multiple remote buffer overflows. Once authenticated, a possible hacker can
exploit these vulnerabilities to crash the affected daemon and even
execute arbitrary code remotely within the context of the affected
service.

See also :

http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-06-06
http://milw0rm.com/exploits/2926

Solution :

Upgrade to Crob FTP Server version 3.6.1 build 263 or later.

Network Security Threat Level:

Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:P/B:N)

Networks Security ID: 13847, 13848

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors

Juniper SRX5K-SPC-2-10-40-C Service processing card SRX5600
$804.54
Juniper SRX5K-SPC-2-10-40-C Service processing card SRX5600 pictureJUNIPER NETWORKS EX-UM-2XFP PLUGIN 2 PORT 10 GBE/XFP EXPANSION MODULE COUIARDBTB
$399.76
JUNIPER NETWORKS EX-UM-2XFP PLUGIN 2 PORT 10 GBE/XFP EXPANSION MODULE COUIARDBTB pictureJuniper SA 700 SA700 VPN Secure Remote Access Appliance
$0.95
Juniper SA 700 SA700 VPN Secure Remote Access Appliance   pictureJuniper (WLA532-US) model 532 wireless access point
$121.72
Juniper (WLA532-US) model 532 wireless access point picture


Discussions

No Discussions have been posted on this vulnerability.