Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

FtpXQ FTP Server < 3.0.2 Multiple Vulnerabilities

Critical

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote FtpXQ FTP server vulnerable to multiple flaws. Versions 3.01 and lower are vulnerable to a buffer overflow that results in a Denial of Service (DoS) attack. In addition, versions 3.01 and lower ship with two default accounts that are enabled. These accounts are: anonymous/NULL and test/test

An attacker exploiting the 'test' default account would have read/write capability on the remote FTP server.

Solution

Upgrade to version 3.0.2 or higher.