Crob FTP Server < 3.6.1 build 263 Multiple Vulnerabilities

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is prone to multiple buffer overflow attacks.

Description :

The version of Crob FTP Server on the remote host suffers from
multiple remote buffer overflows. Once authenticated, an attacker can
exploit these vulnerabilities to crash the affected daemon and even
execute arbitrary code remotely within the context of the affected
service.

See also :

http://www.nessus.org/u?542f2d6e

Solution :

Upgrade to Crob FTP Server version 3.6.1 build 263 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 19236 (crobftp_overflows.nasl)

Bugtraq ID: 13847
13848

CVE ID: CVE-2005-1873
CVE-2006-6558