[Snort-sigs] Sid 2338
alexander.s at ...1565...
Fri Mar 12 11:33:12 EST 2004
FTP LIST buffer overflow attempt
This attack is a buffer overflow using the LIST command in the gtkftp
root privilege can be gained remotely.
The LIST commands in the GtkFtpd is not able to correctly handle long
file or directory names. This rule checks to see that the filename is
100 characters or less (including the newline character).
GtkFtpd gtkftp 1.0.2
GtkFtpd gtkftp 1.0.3
GtkFtpd gtkftp 1.0.4
A remote or local attacker can use this attack against a vulnerable FTP
daemon to gain root privileges.
Ease of Attack:
Easy; an exploit is publicly available for this FTP daemon.
Possible, it is well within the ability of non-vulnerable FTP servers to
handle filenames in excess of 100 characters.
Documentation - Steven Alexander<alexander.s at ...1565...>
More information about the Snort-sigs