4D WebStar Pre-authentication FTP Overflow

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The FTP server is affected by a buffer overflow vulnerability.

Description :

The version of 4D WebStar FTP Server installed on the remote host is
affected by a buffer overflow condition that can be triggered before
authentication. An attacker may exploit this flaw to execute arbitrary
code on the remote host with the privileges of the FTP server (root).

See also :

http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0005.html

Solution :

Upgrade to 4D WebStar 5.3.3 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 14195 (4d_webstar_ftp_overflow.nasl)

Bugtraq ID: 10720

CVE ID: CVE-2004-0695