Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. plugins
GlobalSCAPE Secure FTP Server User Input Overflow nasl script
gareth at sensepost
Jul 6, 2005, 3:15 AM
Post #1 of 3 (585 views)
Permalink
GlobalSCAPE Secure FTP Server 3.0.2 and prior versions are affected by a
buffer overflow found in the user-supplied input. An attacker must first be
authenticated to the server before they can execute arbitrary commands.

References:
- http://www.securityfocus.com/bid/13454
- http://www.osvdb.org/16049

Nasl is attached,
Kind regards
Gareth

gareth@sensepost.com
www.sensepost.com

Attached Files:

Re: GlobalSCAPE Secure FTP Server User Input Overflow nasl script [ In reply to ]
theall at tenablesecurity
Jul 6, 2005, 4:03 AM
Post #2 of 3 (586 views)
Permalink
On Wed, Jul 06, 2005 at 12:15:07PM +0200, Gareth Phillips wrote:

> GlobalSCAPE Secure FTP Server 3.0.2 and prior versions are affected by a
> buffer overflow found in the user-supplied input. An attacker must first be
> authenticated to the server before they can execute arbitrary commands.
>
> References:
> - http://www.securityfocus.com/bid/13454

This vulnerability is covered by ftp_overflows.nasl (plugin #10084),
which tests generically for such overflows.

George
--
theall@tenablesecurity.com
Re: GlobalSCAPE Secure FTP Server User Input Overflow nasl script [ In reply to ]
deraison at nessus
Jul 6, 2005, 7:06 AM
Post #3 of 3 (570 views)
Permalink
On Jul 6, 2005, at 7:03, George A. Theall wrote:

> On Wed, Jul 06, 2005 at 12:15:07PM +0200, Gareth Phillips wrote:
>
>
>> GlobalSCAPE Secure FTP Server 3.0.2 and prior versions are
>> affected by a
>> buffer overflow found in the user-supplied input. An attacker must
>> first be
>> authenticated to the server before they can execute arbitrary
>> commands.
>>
>> References:
>> - http://www.securityfocus.com/bid/13454
>>
>
> This vulnerability is covered by ftp_overflows.nasl (plugin #10084),
> which tests generically for such overflows.

Actually, Gareth's script is non-intrusive (which is not the case of
ftp_overflows.nasl).

I'll include it - thanks!


-- Renaud

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal