header-logo
Suggest Exploit
vendor:
FTPFS
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: FTPFS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

FTPFS Local Buffer Overflow Vulnerability

FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem. A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.

Mitigation:

Upgrade to the latest version of FTPFS.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2498/info

FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem.

A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.

mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx...

Navigation

Suggest Exploit

Services By CQR