3Com 3CServer/3CDaemon FTP Server Multiple Vulnerabilities (OF, FS, PD, DoS)

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by multiple issues.

Description :

The remote host is running the 3Com 3CServer or 3CDaemon FTP server.

According to its banner, the version of the 3CServer / 3CDaemon FTP
server on the remote host is reportedly affected by multiple buffer
overflow and format string vulnerabilities as well as an information
leak issue. An attacker may be able to exploit these flaws to execute
arbitrary code on the remote host with the privileges of the FTP
server, generally Administrator.

See also :

http://www.securityfocus.com/archive/1/385969
http://www.securityfocus.com/archive/1/389623

Solution :

Unknown at this time.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 16321 (3com_3cserver_ftp_overflow.nasl)

Bugtraq ID: 12155
12463

CVE ID: CVE-2005-0276
CVE-2005-0277
CVE-2005-0278
CVE-2005-0419