Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.14371 |
Kategorie: | FTP |
Titel: | wu-ftpd MAIL_ADMIN overflow |
Zusammenfassung: | The remote Wu-FTPd server seems to be; vulnerable to a remote flaw. |
Beschreibung: | Summary: The remote Wu-FTPd server seems to be vulnerable to a remote flaw. Vulnerability Insight: This version fails to properly check bounds on a pathname when Wu-Ftpd is compiled with MAIL_ADMIN enabled resulting in a buffer overflow. With a specially crafted request, an attacker can possibly execute arbitrary code as the user Wu-Ftpd runs as (usually root) resulting in a loss of integrity, and/or availability. It should be noted that this vulnerability is not present within the default installation of Wu-Ftpd. The server must be configured using the 'MAIL_ADMIN' option to notify an administrator when a file has been uploaded. Solution: Upgrade to Wu-FTPd 2.6.3 when available. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Querverweis: |
BugTraq ID: 8668 Common Vulnerability Exposure (CVE) ID: CVE-2003-1327 http://www.securityfocus.com/bid/8668 Bugtraq: 20030922 Wu_ftpd all versions (not) vulnerability. (Google Search) http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html http://www.osvdb.org/2594 http://securitytracker.com/id?1007775 http://secunia.com/advisories/9835 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.365971 XForce ISS Database: wuftp-mailadmin-sockprintf-bo(13269) https://exchange.xforce.ibmcloud.com/vulnerabilities/13269 |
Copyright | This script is Copyright (C) 2004 David Maciejak |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |