Preemptive Protection against Easy File Sharing FTP Server 'PASS' Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2006-153 |
| Date Published: | |
| Severity: | |
| Last Updated: | |
| Source: | FrSIRT/ADV-2006-3068; Secunia Advisory: SA21289 |
| Industry Reference(s): | CVE-2006-3952 |
| Protection Provided by: | VPN-1 |
Who is Vulnerable?
Easy File Sharing FTP Server version 2.0 and prior
Vulnerability Description
EFS Software Easy File Sharing FTP Server is an FTP server application for Microsoft Windows. The application is prone to a remote buffer overflow vulnerability. The issue is triggered when a 'PASS' command with a lengthy parameter line is passed to the server, causing it to crash.
Vulnerability Details
The vulnerability is caused by an error when processing an overly long argument passed to the 'PASS' command. A remote attacker can cause the service to crash via an overly long parameter. Successful exploitation may allow execution of arbitrary code.
Protection Overview
Overly long FTP commands (PASS) may cause a buffer overflow on an affected FTP server. The protection addresses this issue by validating the length of the commands and blocking them if they exceed a certain length. No update is required to address this vulnerability.
Users of VPN-1 NGX R62, R61, R60 and InterSpect NGX are protected against this vulnerability if the FTP protection for blocking overly long commands addressed in the Protection section of CPAI-2006-151 has been applied.
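The length check described in this overview, as an added Python example that is not Check Point's implementation: it reassembles the client side of an FTP control connection and blocks a command as soon as its line exceeds the limit, including when the line arrives in several segments and is never terminated. The 512-byte default and the names `FtpCommandInspector` and `demo` are assumptions; the advisory does not state the threshold the product uses.

```python
# Added example (not Check Point code): length check on FTP control-channel lines.
MAX_LINE = 512  # assumed threshold; the advisory does not state the real one


class FtpCommandInspector:
    """Tracks one client-to-server FTP control stream and blocks overly long commands."""

    def __init__(self, max_line=MAX_LINE):
        self.max_line = max_line
        self.buf = b""
        self.blocked = False

    def feed(self, data):
        """Return (verdict, verb, length) for each command completed or rejected by data."""
        results = []
        if self.blocked:
            return results  # session already dropped; ignore further bytes
        self.buf += data
        while True:
            end = self.buf.find(b"\n")
            if end == -1:
                # No terminator yet: do not wait for one once the pending
                # line is already over the limit.
                if len(self.buf) > self.max_line:
                    results.append(self._block(self.buf))
                return results
            line = self.buf[:end].rstrip(b"\r")
            self.buf = self.buf[end + 1:]
            if len(line) > self.max_line:
                results.append(self._block(line))
                return results
            results.append(("allow", self._verb(line), len(line)))

    @staticmethod
    def _verb(line):
        return line.split(b" ", 1)[0].upper().decode("ascii", "replace")

    def _block(self, line):
        self.blocked = True
        self.buf = b""
        return ("block", self._verb(line), len(line))


def demo():
    """Constructed session: PASS arrives split over segments, never terminated."""
    insp = FtpCommandInspector(max_line=64)
    segments = [b"USER anonymous\r\nPA", b"SS " + b"x" * 40, b"x" * 40]
    return [insp.feed(s) for s in segments]
```

Checking the pending buffer before a line terminator arrives matters here, because an inspector that only measures completed lines would forward the oversized argument to the server first.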
To configure the defense, select your product from the list below and follow the related protection steps.