ProFTPD NLST Command Argument Handling Remote Overflow
Critical Nessus Plugin ID 10191
Synopsis
The remote FTP server is affected by a buffer overflow vulnerability.
Description
It was possible to crash the remote FTP server by issuing a specially crafted command, such as 'NLST aaaXXXX%u%[...]%u%u%u%%u%653300u%n', where 'XXXX' is replaced with four characters whose ASCII values are 0xDC, 0x4F, 0x07 and 0x08. This issue is known to affect ProFTPD version 1.2.0pre6, although other FTP servers may be affected as well.
It is likely that a remote attacker can leverage this issue to execute arbitrary code on the remote host, subject to the privileges under which the service runs.
Solution
If running ProFTPD, upgrade to version 1.2.0pre7 or later; otherwise, contact the vendor to see if an update exists.
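The crafted NLST argument above is a printf-style format string (repeated %u directives, an oversized width field and a %n write directive). As an added example that is not part of the Nessus plugin or ProFTPD, the following detection logic scans FTP command logs for arguments with that shape; the log layout ("client command argument") and the sample lines are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed FTP command log (not real traffic); 203.0.113.5 is a documentation address.
SAMPLE_LOG = """\
203.0.113.5 USER anonymous
203.0.113.5 PASS guest@example.org
203.0.113.5 NLST pub/
203.0.113.5 NLST sales%20report.txt
203.0.113.5 NLST aaaXXXX%u%u%u%u%u%%u%653300u%n
"""

# One printf-style directive: '%', optional flags, optional width, conversion char.
# The capture group is the width field, so findall() yields one width per directive.
DIRECTIVE = re.compile(r"%[-+ 0#]*(\d*)[diouxXcspn]")
WRITE_DIRECTIVE = re.compile(r"%[-+ 0#]*\d*n")

@dataclass
class Finding:
    client: str
    command: str
    reasons: list

def score_argument(arg):
    """Return the reasons an FTP command argument looks like a format-string probe."""
    cleaned = arg.replace("%%", "")  # '%%' is a literal percent, not a directive
    widths = DIRECTIVE.findall(cleaned)
    reasons = []
    if WRITE_DIRECTIVE.search(cleaned):
        reasons.append("%n directive (writes to memory)")
    if any(w and int(w) >= 1000 for w in widths):
        reasons.append("oversized width field")
    if len(widths) >= 4:
        reasons.append(f"{len(widths)} format directives in one argument")
    return reasons

def scan_ftp_log(text):
    """Flag every logged command whose argument carries format-string directives."""
    findings = []
    for line in text.splitlines():
        parts = line.split(" ", 2)
        if len(parts) < 3:
            continue  # command without an argument cannot carry a format string
        client, command, arg = parts
        reasons = score_argument(arg)
        if reasons:
            findings.append(Finding(client, command, reasons))
    return findings
```

A URL-encoded filename such as sales%20report.txt is not flagged because '%20r' has no printf conversion character, which keeps false positives from ordinary directory listings low.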