| VID |
16054 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The SunFTP ftpd is vulnerable to a buffer overflow attack.
SunFTP is a small freeware ftp server created by XS4ALL Data. By sending 2100 characters or more to the server, a remote attacker can overflow the buffer and cause the server to crash. It may be possible for the remote attacker to execute arbitrary code on the target as well.
* References:
http://www.securityfocus.com/advisories/2584
http://www.securiteam.com/exploits/5UP140A2AA.html
http://xs4all.dk/sunftp/
* Platforms Affected:
SunFTP 1.0 Build 9 |
| Recommendation |
No remedy available as of June 2014. Replace to another FTP server, SunFTP is discontinued. |
| Related URL |
CVE-2000-0856 (CVE) |
| Related URL |
1638 (SecurityFocus) |
| Related URL |
5180 (ISS) |
|
