CesarFTP Multiple Vulnerabilities (OF, File Access, more)

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by multiple flaws.

Description :

The remote host is running CesarFTP, an FTP server for Windows systems.

There are multiple flaws in this version of CesarFTP that could allow
an attacker to execute arbitrary code on this host, or simply to
disable this server remotely.

See also :

http://archives.neohapsis.com/archives/bugtraq/2001-05/0252.html
http://www.nessus.org/u?6734d8ec
http://www.securiteam.com/exploits/5ZP0C0AIUA.html

Solution :

Remove the software as it has not been updated since 2002.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 11755 (cesarftp_overflows.nasl)

Bugtraq ID: 2785
2786
2972
7946
7950
9666
18586

CVE ID: CVE-2001-0826
CVE-2001-1335
CVE-2001-1336
CVE-2003-0329
CVE-2004-0298
CVE-2006-2961