Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Gain root remotely >> XM Easy FTP Server USER Command Buffer Overflow Vulnerability

Vulnerability Assessment Details

XM Easy FTP Server USER Command Buffer Overflow Vulnerability

Vulnerability Assessment Summary
Checks for USER command buffer overflow vulnerability in XM Easy FTP Server

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote FTP server is affected by a buffer overflow flaw.

Description :

The remote host appears to be using XM Easy FTP Server, a personal FTP
server for Windows.

The version of XM Easy FTP Server installed on the remote host
contains a buffer overflow vulnerability that can be exploited by an
unauthenticated user with a specially-crafted USER command to crash
the affected application or execute arbitrary code on the affected
host.

See also :

http://www.securityfocus.com/archive/1/432960/30/0/threaded

Solution :

Unknown at this time.

Network Security Threat Level:

High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

Networks Security ID: 17836

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security

Cables, Connectors