Re: [Plugins-writers] GlobalSCAPE Secure FTP Server User Input Overflow nasl script

• Previous message: Renaud Deraison: "Re: [Plugins-writers] Missing CVE IDs"
• In reply to: George A. Theall: "Re: [Plugins-writers] GlobalSCAPE Secure FTP Server User Input Overflow nasl script"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Jul 6, 2005, at 7:03, George A. Theall wrote:

> On Wed, Jul 06, 2005 at 12:15:07PM +0200, Gareth Phillips wrote:
>
>
>> GlobalSCAPE Secure FTP Server 3.0.2 and prior versions are  
>> affected by a
>> buffer overflow found in the user-supplied input. An attacker must  
>> first be
>> authenticated to the server before they can execute arbitrary  
>> commands.
>>
>> References:
>> - http://www.securityfocus.com/bid/13454
>>
>
> This vulnerability is covered by ftp_overflows.nasl (plugin #10084),
> which tests generically for such overflows.

Actually, Gareth's script is non-intrusive (which is not the case of  
ftp_overflows.nasl).

I'll include it - thanks!


                         -- Renaud
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Renaud Deraison: "Re: [Plugins-writers] Missing CVE IDs"
• In reply to: George A. Theall: "Re: [Plugins-writers] GlobalSCAPE Secure FTP Server User Input Overflow nasl script"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Jul 06 2005 - 07:07:59 PDT