BlackJumboDog FTP Server Multiple Command Overflow

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

Arbitrary code may be run on the remote host.

Description :

The remote host is running BlackJumboDog FTP server.

This FTP server fails to properly check the length of parameters in
multiple FTP commands, most significant of which is USER, resulting
in a stack overflow.

With a specially crafted request, an attacker can execute arbitrary code
resulting in a loss of integrity, and/or availability.

Solution :

Upgrade to version 3.6.2 or newer

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 14256 (Black_JumboDog_FTP_overflow.nasl)

Bugtraq ID: 10834

CVE ID: CVE-2004-1439

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial