Multiple FTPD glob Command Arbitrary Command Execution

Critical Nessus Plugin ID 10821


The remote FTP server is affected by a remote code execution vulnerability.


The FTPD glob vulnerability manifests itself in the handling of the glob command. The problem is not a typical buffer overflow or format string vulnerability, but a combination of two bugs: the implementation of the glob command does not properly return an error condition when interpreting the string 'bracket', and it then frees memory that may contain user-supplied data.

An attacker who is able to log in to a vulnerable server, including users with anonymous access, can exploit this to execute arbitrary code with the privileges of the FTP service.


Contact your vendor for a fix.

Plugin Details

Severity: Critical

ID: 10821

File Name: ftpglob.nasl

Version: $Revision: 1.50 $

Type: remote

Family: FTP

Published: 2001/12/06

Modified: 2018/02/20

Dependencies: 11936, 10092, 10079, 13170, 12908, 13378, 13481, 12654, 12762, 13021, 13273

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2001/04/09

Reference Information

CVE: CVE-2001-0249, CVE-2001-0550

BID: 2550, 3581

OSVDB: 686, 8681