Check Point Advisories

Preemptive Protection against Easy File Sharing FTP Server 'PASS' Buffer Overflow Vulnerability

Check Point Reference: CPAI-2006-153
Date Published: 21 Dec 2006
Severity: Critical
Last Updated: Wednesday 02 May, 2007
Source: FrSIRT/ADV-2006-3068
Secunia Advisory: SA21289
Industry Reference:CVE-2006-3952
Protection Provided by:
Who is Vulnerable? Easy File Sharing FTP Server version 2.0 and prior
Vulnerability Description EFS Software Easy File Sharing FTP Server is an FTP server application for Microsoft Windows. The application is prone to a remote buffer overflow vulnerability. The issue is triggered when a 'PASS' command with a lengthy parameter line is passed to the server, causing it to crash.
Vulnerability DetailsThe vulnerability is caused due to an error when processing an overly long argument passed to the 'PASS' command. A remote attacker can cause the service to crash via an overly long parameter. Successful exploitation may allow execution of arbitrary code.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK