ProFTPD TELNET IAC Escape Sequence Remote Buffer Overflow

This script is Copyright (C) 2013 Tenable Network Security, Inc.

Synopsis :

The remote ProFTP daemon is affected by a buffer overflow

Description :

The remote ProFTP daemon is susceptible to an overflow condition. The
TELNET_IAC escape sequence handling fails to properly sanitize user-
supplied input resulting in a stack overflow. With a specially crafted
request, an unauthenticated, remote attacker could potentially execute
arbitrary code.

See also :

Solution :

Upgrade to version 1.3.3c or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 70446 ()

Bugtraq ID: 44562

CVE ID: CVE-2010-4221