Alias(es) | FTP.Command.PASS.Overflow |
Release Date | Sep 11, 2006 |
Severity | high |
Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
Description | This indicates an attempt to exploit a buffer overflow vulnerability in the BlackMoon FTP server. BlackMoon FTP server is designed for use with the Windows 2000 operating system. Due to inadequate sanitization of user input, a remote attacker can cause a buffer overflow via specially crafted FTP commands. Successful exploitation could allow a remote attacker to execute arbitrary commands on a target system. |
Affected Products | Any unprotected BlackMoon FTP server 1.0 to 1.5 is vulnerable to the attack. |
Recommended Actions | Upgrade to BlackMoon FTP Server version 1.5.2 Build 1550 or newer. |
Coverage | IPS, VCM |
Common Vulnerabilities and Exposures (CVE) | CVE-2006-6576, CVE-1999-0256 |
Reference/s | http://www.securityfocus.com/bid/10078 (BugTraq), http://www.securityfocus.com/bid/45957 (BugTraq), http://www.securityfocus.com/bid/49427 (BugTraq) |