
SlimFTPd < 3.17 Multiple Commands Remote Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host seems to be running a vulnerable version of SlimFTPd, a small FTP server for Windows. Versions up to 3.16 are reportedly prone to a buffer overflow vulnerability that may allow an attacker to execute arbitrary code on this host. An attacker needs a valid FTP account to exploit this vulnerability (including anonymous access, if enabled).

NOTE: The SlimFTPd hotfix does not change the version number from 3.16 to 3.17.

Solution

Upgrade to version 3.17 or higher.