Globus Toolkit GridFTP Server < 3.42 / 6.11 'getpwnam_r()' Authentication Bypass Vulnerability

high Nessus Plugin ID 59734


The remote FTP service is vulnerable to an authentication bypass attack.


According to its self-reported version number, the remote FTP server is running a version of GridFTP Server earlier than 3.42 / 6.11. Such versions reportedly are affected by an authentication bypass vulnerability caused by incorrect use of 'getpwnam_r()'. When a 'gridmap' file is improperly configured with a valid user DN mapped to a nonexistent user account, the GridFTP server may grant access to the client under another account.


Upgrade to version 3.42 / 6.11 or later.
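The misconfiguration the description names, a DN in the 'gridmap' file mapped to a local account that does not exist, can be found by auditing the file directly. The following is an added example, not part of the plugin or of Globus Toolkit. It assumes each entry is a DN (quoted if it contains spaces) followed by a comma-separated list of local accounts. The names `audit_gridmap`, `account_exists` and the sample entries are constructed for illustration.

```python
import pwd
import re
import sys

# Assumed entry layout: "<quoted DN>" account[,account...]  (unquoted DN if no spaces)
ENTRY = re.compile(r'^(?:"(?P<q>[^"]+)"|(?P<u>[^"\s]+))\s+(?P<users>[^"\s]+)$')

def account_exists(name):
    """True if the name resolves in the local passwd database (files, LDAP, ...)."""
    try:
        pwd.getpwnam(name)
        return True
    except KeyError:
        return False

def audit_gridmap(text, exists=account_exists):
    """Return (line_no, dn, account, problem) for each mapping that needs review."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = ENTRY.match(line)
        if m is None:
            findings.append((line_no, None, None, "unparseable entry"))
            continue
        dn = m.group("q") or m.group("u")
        for user in m.group("users").split(","):
            if not user:
                findings.append((line_no, dn, user, "empty account name"))
            elif not exists(user):
                findings.append((line_no, dn, user, "no such local account"))
    return findings

# Constructed sample; DNs and account names are made up for illustration.
SAMPLE = '''\
# constructed grid-mapfile
"/O=Grid/OU=Example/CN=Alice Example" alice
"/O=Grid/OU=Example/CN=Bob Example" bob,bobdev
"/O=Grid/OU=Example/CN=Carol Example" carol_old
"/O=Grid/OU=Example/CN=No Mapping"
'''

if __name__ == "__main__":
    # Pass the path of the gridmap file to audit; without one, the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for line_no, dn, account, problem in audit_gridmap(text):
        print(f"line {line_no}: {problem}: dn={dn!r} account={account!r}")
```

Run it on the GridFTP host itself so that account lookups go through the same passwd sources the server uses. An entry it flags should be corrected or removed in addition to upgrading.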

Plugin Details

Severity: High

ID: 59734

File Name: gt_gridftp_6_11.nasl

Version: 1.9

Type: remote

Family: FTP

Published: 6/27/2012

Updated: 12/4/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-3292

Vulnerability Information

CPE: cpe:/a:globus:globus_toolkit

Required KB Items: Settings/ParanoidReport, Globus_Toolkit/GridFTP/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 5/17/2012

Vulnerability Publication Date: 5/17/2012

Reference Information

CVE: CVE-2012-3292

BID: 53778