SmartFTP Multiple Command Response Overflow

This script is Copyright (C) 2003-2011 Tenable Network Security, Inc.


Synopsis :

It is possible to execute arbitrary code on the remote host through a
remote FTP client.

Description :

The remote host is running SmartFTP - an FTP client.

There is a flaw in the remote version of this software that could allow an
attacker to execute arbitrary code on this host.

To exploit it, an attacker would need to set up a rogue FTP server and have
a user on this host connect to it.

Solution :

Upgrade to version 1.0.976.x or newer.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:U/RL:OF/RC:ND)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 11709 ()

Bugtraq ID: 7858
7861

CVE ID: CVE-2003-1319

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now