Core FTP Server < 1.2 Build 508 Multiple Buffer Overflow Vulnerabilities

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The FTP server running on the remote host is affected by multiple
buffer overflow vulnerabilities.

Description :

The version of Core FTP installed on the remote host is prior to 1.2
build 508. It is, therefore, affected by multiple buffer overflow
vulnerabilities due to the lack of validation when processing data from
the 'config.dat' file or the Windows registry using the 'lstrcpy' and
'RegQueryValueEx' functions. A local attacker could exploit these
issues to cause a denial of service or execute arbitrary code.

See also :

http://www.nessus.org/u?12696fbd
http://seclists.org/fulldisclosure/2014/Feb/172

Solution :

Upgrade to Core FTP 1.2 build 508 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 72661 ()

Bugtraq ID: 65692

CVE ID: CVE-2014-1215