
Test ID: 1.3.6.1.4.1.25623.1.0.14371
Category: FTP
Title: wu-ftpd MAIL_ADMIN overflow
Summary: The remote Wu-FTPd server seems to be vulnerable to a remote flaw.
Description:

Summary:
The remote Wu-FTPd server seems to be
vulnerable to a remote flaw.

Vulnerability Insight:
This version fails to properly check bounds on a pathname when Wu-Ftpd is
compiled with MAIL_ADMIN enabled, resulting in a buffer overflow. With a
specially crafted request, an attacker can possibly execute arbitrary code as
the user Wu-Ftpd runs as (usually root), resulting in a loss of integrity
and/or availability.

It should be noted that this vulnerability is not present within the default
installation of Wu-Ftpd.

The server must be configured using the 'MAIL_ADMIN' option to notify an
administrator when a file has been uploaded.

Solution:
Upgrade to Wu-FTPd 2.6.3 when available.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-references:
BugTraq ID: 8668
Common Vulnerability Exposure (CVE) ID: CVE-2003-1327
http://www.securityfocus.com/bid/8668
Bugtraq: 20030922 Wu_ftpd all versions (not) vulnerability.
http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html
http://www.osvdb.org/2594
http://securitytracker.com/id?1007775
http://secunia.com/advisories/9835
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.365971
XForce ISS Database: wuftp-mailadmin-sockprintf-bo(13269)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13269
Copyright: This script is Copyright (C) 2004 David Maciejak





© 1998-2024 E-Soft Inc. All rights reserved.