| Test ID: | 1.3.6.1.4.1.25623.1.0.801839 |
| Category: | FTP |
| Title: | FTPGetter 'PASV' Command Remote Stack Buffer Overflow Vulnerability |
| Summary: | Check for the version of FTPGetter |
| Description: | Overview: This host is installed with FTPGetter FTP Client and is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error when reading a log file using fgets(), which can be exploited to cause a stack-based buffer overflow by tricking a user into connecting to a malicious FTP server and sending a specially crafted 'PWD' or 'PASV' response. Impact: Successful exploitation allows execution of arbitrary code. Impact Level: Application. Affected Software: FTPGetter version 3.58.0.21 and prior. Fix: No solution or patch is available as of 4th February, 2011. Information regarding this issue will be updated once the solution details are available. For updates refer to http://www.ftpgetter.com/download.php References: https://secunia.com/advisories/41857 http://www.exploit-db.com/exploits/16101/ http://downloads.securityfocus.com/vulnerabilities/exploits/46120.py |
| Cross-Ref: | BugTraq ID: 46120 |
| Copyright | Copyright (C) 2011 Greenbone Networks GmbH |