TurboFTP Server PORT Command Processing Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running TurboFTP server and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to cause a stack-based buffer overflow via an overly long IP octet string. Impact Level: Application

Solution

Update to version Versio 1.30 Build 826 or later, For updates refer to http://www.tbsoftinc.com/download.htm

Insight

A boundary error occurs during the parsing of an FTP port command, which will result in a stack-based buffer overflow.

Affected

TurboFTP Server version 1.30.823

References

http://packetstormsecurity.org/files/117571/turboftp_port.rb.txt
http://secunia.com/advisories/50595/
http://www.naked-security.com/nsa/236580.htm
http://www.osvdb.org/85887
http://www.securelist.com/en/advisories/50595

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Mac OS X)
BS.Player '.bsl' File Buffer Overflow Vulnerabilities
Adobe Shockwave Player ActiveX Control BOF Vulnerability
Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability

Take action and discover your vulnerabilities