Core FTP Server < 1.2 Build 508 lstrcpy Overflow Code Execution

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The FTP server running on the remote host is affected by a code
execution vulnerability.

Description :

The version of Core FTP running on the remote host is prior to 1.2
build 508. It is, therefore, affected by buffer overflow conditions
in the RegQueryValueExA() and lstrcpy() functions due to improper
validation of user-supplied input when reading data from the
config.dat file and/or from the Windows Registry. A local attacker can
exploit this to cause a denial of service condition or to execute
arbitrary code.

See also :

http://www.nessus.org/u?12696fbd
http://seclists.org/fulldisclosure/2014/Feb/172

Solution :

Upgrade to Core FTP version 1.2 build 508 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 72661 ()

Bugtraq ID: 65692

CVE ID: CVE-2014-1215

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial