| VID |
16094 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The 3Com 3CServer FTP server, according to its banner, has multiple buffer overflow vulnerabilities. 3CServer is a TFTP and FTP server for Microsoft Windows operating systems. 3CServer version 1.0 and 1.1 have vulnerable to multiple buffer overflow vulnerabilities in its parsing code of the FTP commands. As a result, a remote authenticated attacker can execute arbitrary code on the affected system with the privileges of the FTP service.
* Note: This check solely relied on the banner of the remote 3CServer to assess this vulnerability, so this might be a False Positive.
* References:
http://support.3com.com/software/utilities_for_windows_32_bit.htm
http://archives.neohapsis.com/archives/bugtraq/2005-02/0008.html
* Platforms Affected:
3Com 3CServer 1.1
Microsoft Windows Any version |
| Recommendation |
No upgrade or patch available as of February 2005.
Upgrade to the fixed version of 3CServer FTP server, when new fixed version becomes available from the 3CServer Download Web site at http://support.3com.com/software/utilities_for_windows_32_bit.htm |
| Related URL |
CVE-2005-0419 (CVE) |
| Related URL |
12463 (SecurityFocus) |
| Related URL |
19250 (ISS) |
|
