A vulnerability was found in GlobalScape Secure FTP Server version 3.0.2, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused by a boundary error when processing FTP commands. Sending an overly long FTP command (more than 2043 bytes) to the FTP server triggers a stack-based buffer overflow.

Exploits are publicly available now and users are urged to upgrade to version 3.0.3 Build 4.29.2005 or later.

BroadWeb Security Service Team (BSST) has released the countermeasure signatures in signature version 2.88, which includes:

# 1051892_EXPLOIT GlobalScape Secure FTP Server 3.x Buffer Overflow

NetKeeper users are urged to upgrade their signature patterns to version 2.88 or later in order to thwart these attacks.

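
One way to detect the overlong command described above on the FTP control channel, given as an added example; it is not BSST's signature 1051892 and not GlobalScape code. The class name and the choice to count the 2043 bytes without the CR/LF terminator are assumptions.

```python
# Added example, not BSST's signature 1051892 or GlobalScape code.
MAX_CMD_BYTES = 2043  # limit quoted in the advisory; CR/LF excluded (assumption)


class FtpCommandLengthMonitor:
    """Tracks one client-to-server FTP control stream across TCP segments."""

    def __init__(self, limit=MAX_CMD_BYTES):
        self.limit = limit
        self.head = bytearray()  # first bytes of the current command, for the verb
        self.length = 0          # bytes in the current command so far
        self.held_cr = False     # trailing CR not yet known to be a terminator
        self.alerts = []         # verbs of commands that exceeded the limit

    def feed(self, segment: bytes) -> list:
        """Consume one TCP payload and return the alerts it raised."""
        raised, pos = [], 0
        while pos < len(segment):
            end = segment.find(b"\n", pos)
            chunk = segment[pos:] if end == -1 else segment[pos:end]
            before = self.length
            if chunk:
                if self.held_cr:          # earlier CR was data, not a terminator
                    self.length += 1
                self.held_cr = chunk.endswith(b"\r")
                if self.held_cr:
                    chunk = chunk[:-1]
                self.head += chunk[:16 - len(self.head)]
                self.length += len(chunk)
            # Alert once, at the moment the limit is crossed, without waiting
            # for a terminator and without buffering the oversized command.
            if before <= self.limit < self.length:
                verb = bytes(self.head).split(b" ")[0]
                raised.append(verb.decode("ascii", "replace").upper())
            if end == -1:
                break
            self.head.clear()
            self.length, self.held_cr = 0, False
            pos = end + 1
        self.alerts += raised
        return raised
```

Use one monitor per control connection and feed it payloads in sequence order; only a 16-byte prefix and a counter are kept, so an unterminated oversized command does not grow the monitor's memory.
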
(BSST, BroadWeb Security Service Team)

CVE reference: CAN-2005-1415
Reference: http://www.hackingdefined.com/exploits/Globalscape30.pdf