[Snort-sigs] FTP Dos ftpd globbing

Nimesh Vakharia nvakhari at ...328...
Wed Jan 30 20:25:02 EST 2002


I've been looking for the snort siganture for FTP DoS ftp globbing. This 
used to be a signature in the snort database a while back. It seems this
has been depecated from the current .rules file in snort.  Does anyone
have the definition?

thanks,

Nimesh.

On Wed, 23 Jan 2002, Ian Masters wrote:

> Hello
> 
> My technical expertise is limited but if there is no problem with 
> "adapting" information I have already found at securityfocus.com, cve and 
> other sources then I'll try to keep sending these in
> 
> Ian Masters
> 
> Rule:
> 
> --
> Sid: 882
> 
> --
> Summary: Version 2.2 of popular cgi script, calender.pl and the 
> calendar_admin.pl (used to set up a website calendar) contain code which 
> may allow attacker to execute arbitrary commands on that host.
> 
> 
> --
> Impact:
> 
> --
> Detailed Information:  see 
> http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=discussion&id=1215
> 
> --
> Attack Scenarios: see 
> http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=exploit&id=1215
> 
> --
> Ease of Attack:
> 
> --
> False Positives:
> 
> --
> False Negatives:
> 
> --
> Corrective Action: Download updated scripts 
> http://www.mattkruse.com/scripts/calendar/bugfix.html
> 
> --
> Contributors:
> 
> --
> Additional References: bugtraq 1288
> cve CVE-2000-0432 
> 
> 
> 
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> 





More information about the Snort-sigs mailing list