Test ID:	1.3.6.1.4.1.25623.1.0.51997
Category:	FTP
Title:	ProFTPD ASCII File Transfer Buffer Overrun
Summary:	ProFTPD ASCII File Transfer Buffer Overrun
Description:	The remote FTP server according to its version number, is a ProFTPD server vulnerable to a buffer overflow if a malformed file uploaded in binary mode is subsequently downloaded in ASCII mode. Versions up to and including 1.2.9rc2 are vulnerable. Solution : Upgrade to a later version. Risk factor : Critical
Cross-Ref:	BugTraq ID: 8679 Common Vulnerability Exposure (CVE) ID: CVE-2003-0831 ISS Security Advisory: 20030923 ProFTPD ASCII File Remote Compromise Vulnerability http://xforce.iss.net/xforce/alerts/id/154 Bugtraq: 20030924 [slackware-security] ProFTPD Security Advisory (SSA:2003-259-02) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106441655617816&w=2 Bugtraq: 20031013 Remote root exploit for proftpd \n bug (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106606885611269&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012072.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:095 CERT/CC vulnerability note: VU#405348 http://www.kb.cert.org/vuls/id/405348 http://secunia.com/advisories/9829 XForce ISS Database: proftpd-ascii-xfer-newline-bo(12200) http://xforce.iss.net/xforce/xfdb/12200
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: