|Title:||FTPGetter 'PASV' Command Remote Stack Buffer Overflow Vulnerability|
|Summary:||Check for the version of FTPGetter|
Overview: This host is installed with FTPGetter FTP Client and is prone to
buffer overflow vulnerability.
The flaw is due to a boundary error when reading a log file using
fgets() which can be exploited to cause a stack-based buffer overflow by
tricking a user into connecting to a malicious FTP server and sending a
specially crafted 'PWD' or 'PASV' response.
Successful exploitation allows execution of arbitrary code.
Impact Level: Application.
FTPGetter version 22.214.171.124 and prior.
Fix: No solution or patch is available as of 4th February, 2011. Information
regarding this issue will updated once the solution details are available.
For updates refer to http://www.ftpgetter.com/download.php
BugTraq ID: 46120|
|Copyright||Copyright (C) 2011 Greenbone Networks GmbH|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.