1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Ricoh DC FTP USER Command CVE-2012-5002

Attack: Ricoh DC FTP USER Command CVE-2012-5002

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote buffer overflow vulnerability in Ricoh DC FTP software when processing a USER FTP command.

Additional Information

DC Software DL-10 is software used to transfer images from camera to computer.

DC Software DL-10 is prone to a remote stack-based buffer-overflow vulnerability that affects the SR10 FTP server component. Specifically, this issue occurs because the application fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer when processing a crafted 'USER' FTP command.

NOTE: Successful exploitation requires having the 'Log file name' option enabled.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Ricoh DC Software DL-10 4.5.0.1 is affected; other versions may also be vulnerable.

Affected

  • Ricoh DC Software DL-10 4.5.0.1 is affected; other versions may also be vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube