취약성 정보 - Bftpd Packets Processing Remote Denial of Service Vulnerability

Bftpd Packets Processing Remote Denial of Service Vulnerability

sH4

2009.10.27 18:48:00 (*.4.246.133)

3235

Title : Bftpd Packets Processing Remote Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2009-3032
CVE ID : GENERIC-MAP-NOMATCH
CWE ID : VUPEN VNS Only

CVSS V2 : VUPEN VNS Only

Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2009-10-26

세부설명
==========
Bftpd에서 원격 공격자가 서비스 거부 공격을 일으킬 수 있는 취약점이 확인되었다. 이 문제는 기형의 패킷을 처리할 때
불특정 에러가 발생하기 때문이다. 이것은 서비스 거부 상태를 만들어 공격 될 수 있다.
더욱 자세한 정보는 확인되지 않았다.

해결책
==========
Upgrade to Bftpd version 2.6 :
http://bftpd.sourceforge.net/download.html

레퍼런스
==========
http://www.vupen.com/english/advisories/2009/3032
http://bftpd.sourceforge.net/news.html#032130

영향받는 버전
==========
Bftpd versions prior to 2.4

이 게시물을...

와우해커(WOWHACKER) 시누싱입니다.

번호

제목

글쓴이

날짜

조회 수

1589

Apple iPhone and iPod touch Code Execution and Security Bypass

sH4

2010-02-04

518

1588

Sun Ray Server Code Execution and Weak Encryption Vulnerabilities

sH4

2009-12-11

1163

Bftpd Packets Processing Remote Denial of Service Vulnerability

sH4

2009-10-27

3235

1586

Xion Audio Player Playlist Processing Buffer Overflow Vulnerability

sH4

2009-10-20

3659

1585

Intel Desktop Board BIOS Unauthorized Downgrade Security Issue

sH4

2009-10-20

4038

1584

Google Apps "googleapps.url.mailto:" Argument Injection Vulnerability

sH4

2009-10-06

5174

1583

VMware Fusion Privilege Escalation and Denial of Service Vulnerabilities

sH4

2009-10-06

4443

1582

Google Chrome v8 Engine Floating Point Memory Corruption Vulnerability

sH4

2009-10-06

4488

1581

Symantec AppStream Client ActiveX Insecure Method Vulnerability

sH4

2009-01-19

19025

1580

GNUBoard "g4_path" Parameter Local File Inclusion Vulnerability

156

sH4

2009-01-19

24202

1579

Microsoft Windows SMB Remote Code Execution Vulnerabilities (MS09-001

sH4

2009-01-14

18379

1578

Oracle and BEA Products Multiple Code Execution Vulnerabilities

sH4

2009-01-14

17535

1577

Winamp AIFF File Header Processing Buffer Overflow Vulnerability

sH4

2009-01-14

18725

1576

CA Products "smmsnmpd" Service Remote Command Execution Issue

sH4

2009-01-12

16064

1575

Serv-U Multiple Command Processing Denial of Service Vulnerability

sH4

2009-01-12

16958

1574

HP OpenView Network Node Manager Multiple Remote Vulnerabilities

sH4

2009-01-08

16118

1573

Cain & Abel Cisco IOS-MD5 Hash Handling Buffer Overflow Vulnerability

sH4

2009-01-08

16688

1572

Linux Kernel SCTP FWD-TSN Handling Remote Memory Overflow Vulnerability

sH4

2009-01-07

16347

1571

Sun Solaris NFS Version 4 Client Local Denial of Service Vulnerability

sH4

2009-01-07

15687

1570

VMware "vmware-authd" Request Handling Denial of Service Vulnerability

sH4

2009-01-07

14669