GuildFTPd Long SITE Command Overflow

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is vulnerable to a buffer overflow attack.

Description :

The remote ftp server seems to be vulnerable to a denial of service
attack through the SITE command when handling specially long requests.
An attacker can exploit this flaw in order to crash the affected
service or possibly execute arbitrary code.

See also :

http://archives.neohapsis.com/archives/bugtraq/2001-05/0254.html

Solution :

There is no known solution at this time.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.4
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: FTP

Nessus Plugin ID: 15851 (guildftpd_site_cmd_overflow.nasl)

Bugtraq ID: 2782

CVE ID: CVE-2001-0770