1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. FTP Vermillion FTPD Port BO

FTP Vermillion FTPD Port BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature generically detects an attempt to overflow different FTP commands requests.

Additional Information

Vermillion FTP Daemon is an FTP server for Windows.

The application is prone to a buffer-overflow vulnerability. Specifically, this issue occurs when issuing a 'PORT' command with an overly large string as an argument. To exploit this issue, an attacker must have authenticated access to the FTP server.

Successful exploits may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition.

Vermillion FTP Daemon 1.31 is affected; other versions may also be vulnerable.

Affected

  • Vermillion FTP Daemon 1.31

Response

1. Log and Audit any FTP use, more specifically from connections made from systems outside of the network.
2. Disable any unneeded use of FTP.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube