Detections
Analytics

FTP Server 'glob' Function Overflow

critical Nessus Network Monitor Plugin ID 1836

Synopsis

The remote host is vulnerable to a globbing overflow.

Description

It may be possible to make the remote FTP server crash by creating a large directory structure and then attempting to list it using wildcards. This is usually known as the 'ftp glob overflow' attack. An attacker can use this flaw to execute arbitrary code on the remote server, which could lead to remote shell access.

Solution

Upgrade your FTP server and/or libc. Consider removing directories writable by 'anonymous'.

See Also

http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html

http://ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P

http://www.openbsd.org/errata28.html#glob_limit

Plugin Details

Severity: Critical

ID: 1836

Family: FTP Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 10648

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:netbsd:netbsd

Reference Information

CVE: CVE-2001-0247

BID: 2548