Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> FTP >> bftpd format string vulnerability

Vulnerability Assessment Details

bftpd format string vulnerability
Vulnerability Assessment Summary
Checks if the remote bftpd daemon is vulnerable to a format string attack

Detailed Explanation for this Vulnerability Assessment

The remote ftp server does not sanitize properly the output
it gets from the NLST command.

It may be possible for a remote attacker to gain root access
thanks to this bug if he can write in any directory served
by this ftp daemon.

Solution : Upgrade your bftpd server to version 1.0.13

Reference : http://online.securityfocus.com/archive/1/149216

Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2000 Renaud Deraison
Cables, Connectors


Asus H81M-C Intel LGA1150 DDR3 Desktop Motherboard MicroATX Socket H3 picture

Asus H81M-C Intel LGA1150 DDR3 Desktop Motherboard MicroATX Socket H3

$30.99


ASRock Z87M Extreme4 Micro ATX Intel LGA1150 DDR3 eSATA HDMI Motherboard picture

ASRock Z87M Extreme4 Micro ATX Intel LGA1150 DDR3 eSATA HDMI Motherboard

$69.95


Gigabyte Z77M-D3H-MVP Micro ATX Intel LGA1155 DDR3 HDMI Z77 Motherboard picture

Gigabyte Z77M-D3H-MVP Micro ATX Intel LGA1155 DDR3 HDMI Z77 Motherboard

$61.95


B75 Desktop Motherboard LGA1155 DDR3 Memory (Intel 2nd and 3rd gen support) picture

B75 Desktop Motherboard LGA1155 DDR3 Memory (Intel 2nd and 3rd gen support)

$25.99


Gigabyte B460M DS3H AC Intel B460 1200 LGA MicroATX M.2 Desktop Motherboard B picture

Gigabyte B460M DS3H AC Intel B460 1200 LGA MicroATX M.2 Desktop Motherboard B

$49.99


ASRock LGA 1151 Wifi Intel B360 Intel Gen Micro ATX Motherboard p/n: B360M-OEM picture

ASRock LGA 1151 Wifi Intel B360 Intel Gen Micro ATX Motherboard p/n: B360M-OEM

$70.00


Foxconn H61MXE Intel H61 LGA1155 HDMI mATX DDR3 Motherboard + I/O Plate Tested picture

Foxconn H61MXE Intel H61 LGA1155 HDMI mATX DDR3 Motherboard + I/O Plate Tested

$34.95


ASRock Z370 PRO4/OEM LGA 1151 (300 Series) Intel Z370 SATA 6Gb/s ATX Intel Mothe picture

ASRock Z370 PRO4/OEM LGA 1151 (300 Series) Intel Z370 SATA 6Gb/s ATX Intel Mothe

$64.99


Machinist Motherboard LGA 2011 CPU Support DDR3 REG ECC RAM Intel Xeon M-ATX picture

Machinist Motherboard LGA 2011 CPU Support DDR3 REG ECC RAM Intel Xeon M-ATX

$86.58


Intel DX58SO LGA 1366 Motherboard picture

Intel DX58SO LGA 1366 Motherboard

$75.00


Discussions

No Discussions have been posted on this vulnerability.