WS_FTP Server STAT Command Remote Overflow

critical Nessus Plugin ID 14585

Language:

Synopsis

The remote FTP server has a buffer overflow vulnerability.

Description

According to its banner, the version of WS_FTP running on the remote host has a buffer overflow vulnerability. Sending a 'STAT' command followed by a very long argument results in a buffer overflow. A remote attacker could exploit this to execute arbitrary code.

Solution

Upgrade to the latest version of WS_FTP.

Plugin Details

Severity: Critical

ID: 14585

File Name: wsftp_stat_buf_overflow.nasl

Version: 1.19

Type: remote

Family: FTP

Published: 8/31/2004

Updated: 8/8/2018

Supported Sensors: Nessus

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 3507

Detections

Analytics