SunFTP GET Request Remote Overflow

high Nessus Plugin ID 11373

Synopsis

The remote host has an application that is affected by a buffer overflow vulnerability.

Description

Buffer overflow in SunFTP build 9(1) allows remote attackers to cause a denial of service or possibly execute arbitrary commands by sending more than 2100 characters to the server.

Solution

Switching to another FTP server, SunFTP is discontinued.

Plugin Details

Severity: High

ID: 11373

File Name: sunftpd_overflow.nasl

Version: 1.17

Type: remote

Family: FTP

Published: 3/13/2003

Updated: 8/22/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 9/1/2000

Vulnerability Publication Date: 9/1/2000

Reference Information

CVE: CVE-2000-0856

BID: 1638