Core FTP Server < 1.2 Build 588 32-bit Unspecified Overflow Vulnerability

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The FTP server running on the remote host is affected by an
unspecified overflow vulnerability.

Description :

The 32-bit version of Core FTP Server running on the remote host is
prior to 1.2 build 588. It is, therefore, affected by an overflow
condition due to a failure to properly validate user-supplied input
when using FTP, FTPS, or SSL. An unauthenticated, remote attacker can
exploit this to impact the confidentiality, integrity, or availability
of the system. No other details are provided. Note that the 64-bit
version is not affected.

See also :

http://www.nessus.org/u?006bcb64

Solution :

Upgrade to Core FTP version 1.2 build 588 (32-bit) or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: FTP

Nessus Plugin ID: 90765 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now