Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

FTP Server 'glob' Function Overflow

Critical

Synopsis

The remote host is vulnerable to a globbing overflow.

Description

It may be possible to make the remote FTP server crash by creating a large directory structure and then attempting to list it using wildcards. This is usually known as the 'ftp glob overflow' attack. An attacker can use this flaw to execute arbitrary code on the remote server, which could lead to remote shell access.

Solution

Upgrade your FTP server and/or libc. Consider removing directories writable by 'anonymous'.