2001308

	FTP CWD directory overflow
advICE :Intrusions : 2001308

FAQ

Oh my gosh, I'm being HACKED!!!

How do I report the hacker to my ISP?

I'm seeing lots of attacks, is this normal?

Summary
An attempt has been made to overflow the CWD (change working directory) command on the target FTP server.
Details
Some FTP servers do not bounds-check a supplied directory name. This can result in a classic buffer-overflow bug allowing an intruder to break into the system.
Defense
Most systems are not vulnerable to this bug. See below to see if your system is one of those listed.

more information

CERT: CA-99-03-FTP-Buffer-Overflows
advICE: Buffer overflows: More about this general class of attacks, which is the root cause of many attacks on the Internet.
advICE: FTP defense: How to harden an FTP server against Internet attacks.
advICE: FTP exploits: A list of common ways that intruders break into FTP servers.
BugtraqID: 818 Vermillion FTPd CWD DoS Vulnerability
BugtraqID: 747 WFTPD Remote Buffer Overflow Vulnerability.: Affects version 2.34 and 2.40 of this Windows-based FTP service.
BugtraqID: 599 Multiple Vendor Wu-Ftpd Buffer Overflow Vulnerability.
BugtraqID: 966 Solaris rlogind FTP bounce Vulnerability
BugtraqID: 572 ToxSoft NextFTP Buffer Overflow Vulnerability
BugtraqID: 269 Cat Soft Serv-U Buffer Overflow Vulnerabilities.
BugtraqID: 217 WS_FTP Server Denial of Service Vulnerability: A CWD with more than 876 will crash the service.
CVE-1999-0671 Buffer overflow in ToxSoft NextFTP client through CWD command.
CVE-2000-0131 Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.
CVE-1999-0219 Serv-U FTP buffer overflow when user performs a cwd to a directory with a long name.
CVE-1999-0362 WS_FTP server remote denial of service through cwd command.

configuration for this item

file.maxname 200 The maximum length of a file name.

 
Version appeared:

FTP CWD directory overflow