Symantec Vulnerability Alert
SmallFTPD 'DELE' Command Remote Denial Of Service Vulnerability
Synopsis
Bugtraq ID: 40180
Urgency Rating: 5.4
CVE: CVE-MAP-NOMATCH
Threat Breakdown
Published: May 14 2010
Severity: 5.2
Classification: Failure to Handle Exceptional Conditions
Remote: Yes
Local: No
Impact: 3
Availability: Always
Authentication: Required
Ease of Exploit: 8
Ease: Exploit Available
Credibility: Single Source
Last Update: 05/14/2010 8:36:15 PM GMT
Last Change: Initial analysis.
CVSS Version 2
CVSS2 Base: 4
CVSS2 Base Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS2 Temporal: 3.4
CVSS2 Temporal Vector: E:F/RL:U/RC:UC
CVSS Version 1
CVSS1 Base: 1.4
CVSS1 Temporal: 1.2
Vulnerable Systems
smallftpd smallftpd 0.99.0
smallftpd smallftpd 1.0.2
smallftpd smallftpd 1.0.3
Short Summary
SmallFTPD is prone to a remote denial-of-service vulnerability.
Impact
Successful attacks will cause the application to crash, creating a denial-of-service condition.
Technical Description
SmallFTPD is an FTP server available for Microsoft Windows.
The application is prone to a remote denial-of-service vulnerability because it fails to handle repeated connections which
pass excessive data to the 'DELE' command. Attackers must authenticate to the affected application in order to exploit
this issue.
Successful attacks will cause the application to crash, creating a denial-of-service condition.
SmallFTPD 1.0.3 is vulnerable; other versions may also be affected.
Create Date 5/14/2010 8:39:30 PM GMT
Attack Scenarios
1. An attacker locates a network-accessible device running a vulnerable version of the application.
2. The attacker makes repeated, authenticated connections to the application and sends crafted FTP commands
sufficient to trigger the issue.
3. The application crashes, resulting in a denial-of-service condition.
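The description above comes down to one missing input bound (an argument to DELE that is larger than anything the server should accept) being exercised repeatedly by an authenticated client. As an added illustration of the defender-side handling this implies, and not code from SmallFTPD or from this advisory, the following Python rejects oversized DELE arguments with a 5xx reply before the command is dispatched, and separately counts, per client, repeated DELE commands with oversized arguments in server logs so that the pattern in the attack scenario can be spotted. The 260-byte bound, the log line format, the client addresses and the sample log lines are constructed assumptions.

```python
"""Added example (not SmallFTPD or Symantec code): bounded handling of FTP
DELE arguments, and a log detector for repeated oversized DELE commands.
The argument bound, log format and sample lines below are constructed
assumptions, not values taken from the advisory."""
import re
from collections import defaultdict

# Assumed upper bound on a DELE pathname; 260 is Windows MAX_PATH, chosen here
# as a plausible limit for a Windows FTP server, not a SmallFTPD setting.
MAX_PATH_LEN = 260


def parse_ftp_command(line: bytes, max_arg_len: int = MAX_PATH_LEN):
    """Parse one raw FTP command line into (verb, argument).

    Returns (verb, arg) when the line is acceptable, or (None, reply) where
    reply is the 5xx response to send instead of dispatching the command.
    The length check runs before any filesystem work, so an oversized
    argument never reaches the delete handler.
    """
    if not line.endswith(b"\r\n"):
        return None, "500 Syntax error: command line must end with CRLF."
    body = line[:-2]
    if any(ch in body for ch in (b"\r", b"\n", b"\x00")):
        return None, "500 Syntax error: control character in command."
    raw_verb, _, arg = body.partition(b" ")
    verb = raw_verb.upper().decode("ascii", "replace")
    if not re.fullmatch(r"[A-Z]{3,4}", verb):
        return None, "500 Syntax error: command unrecognized."
    if len(arg) > max_arg_len:
        # Reject rather than process: this is the bound whose absence the
        # advisory's "excessive data" description relies on.
        return None, "501 Syntax error: argument too long."
    return verb, arg.decode("utf-8", "replace")


# Assumed log line format: "<date> <time> <client-ip> <VERB> [<argument>]".
LOG_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<client>\d{1,3}(?:\.\d{1,3}){3}) "
    r"(?P<verb>[A-Z]{3,4})(?: (?P<arg>.*))?$"
)


def flag_oversized_dele(log_lines, max_arg_len=MAX_PATH_LEN, min_hits=3):
    """Return {client_ip: count} for clients that sent at least min_hits
    DELE commands whose argument exceeds max_arg_len.

    Counting per client across all lines, rather than per session, matches
    the advisory's description of repeated connections from one source.
    """
    hits = defaultdict(int)
    for line in log_lines:
        m = LOG_RE.match(line.rstrip("\n"))
        if m is None or m.group("verb") != "DELE":
            continue
        if len(m.group("arg") or "") > max_arg_len:
            hits[m.group("client")] += 1
    return {client: n for client, n in hits.items() if n >= min_hits}


# Constructed sample log: one benign client and one that repeats oversized
# DELE arguments across connections. Addresses are documentation ranges.
SAMPLE_LOG = [
    "2010-05-14 20:36:01 192.0.2.10 USER alice",
    "2010-05-14 20:36:01 192.0.2.10 PASS ********",
    "2010-05-14 20:36:02 192.0.2.10 DELE report.txt",
    "2010-05-14 20:36:03 198.51.100.7 DELE " + "A" * 2000,
    "2010-05-14 20:36:04 198.51.100.7 DELE " + "A" * 2000,
    "2010-05-14 20:36:05 198.51.100.7 DELE " + "A" * 2000,
]

if __name__ == "__main__":
    print(parse_ftp_command(b"DELE report.txt\r\n"))
    print(parse_ftp_command(b"DELE " + b"A" * 2000 + b"\r\n"))
    print(flag_oversized_dele(SAMPLE_LOG))
```

The parser enforces the bound at the protocol layer, which is where the advisory's mitigations (filtering, least privilege) cannot reach; the detector is the complement for a server you cannot patch, since the advisory lists no vendor fix. Raise `min_hits` or lower `max_arg_len` to suit the paths your users legitimately delete.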
Exploits
The following exploit is available:
Jeremiah Talamantes 2010-05-14 00:00:00Z
http://downloads.securityfocus.com/vulnerabilities/exploits/40180.py
Mitigating Strategies
Block external access at the network boundary, unless external parties require service.
If global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to
only trusted computers and networks might greatly reduce the likelihood of successful exploits.
Disallow anonymous access to services. Permit access for trusted individuals only.
To reduce the likelihood of remote attackers exploiting this issue, disable anonymous access to affected FTP servers.
Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, run all applications with the minimal amount of privileges required for
functionality.
Solutions
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent
information, please mail us at: vuldb@securityfocus.com.
Credit
Jeremiah Talamantes
References
Web Page: SmallFTPD Homepage (SmallFTPD)
http://sourceforge.net/projects/smallftpd/
Change Log
2010.05.14: Initial analysis.