ArGoSoft FTP Server DELE Command Remote Buffer Overrun

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by a buffer overflow flaw.

Description :

According to its banner, the version of ArGoSoft FTP Server installed
on the remote host is affected by a heap-based buffer overflow that
can be triggered by a malicious user with delete rights who issues a
DELE command with an argument exceeding 2000 characters.

See also :

http://www.securityfocus.com/archive/1/archive/1/426081/100/0/threaded

Solution :

Unknown at this time.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.1
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: FTP

Nessus Plugin ID: 17303 (argosoft_ftp_dele_overflow.nasl)

Bugtraq ID: 12755

CVE ID: CVE-2005-0696