Vulnerability Note VU#713092

FileCOPA FTP server vulnerable to buffer overflow

Overview

There is a buffer overflow vulnerability in the FileCOPA FTP server which may allow an attacker to execute arbitrary code.

I. Description

FileCOPA is an FTP server for Microsoft Windows that supports anonymous file transfers.

There is a buffer overflow vulnerability in the FileCOPA FTP service (filecpnt.exe) that may occur when malformed input is passed to the server using common FTP commands. If anonymous connections to the server are allowed, an attacker would not need valid user credentials to exploit this vulnerability.

II. Impact

A remote, unauthenticated attacker may execute arbitrary code.

III. Solution

Upgrade

Upgrade to FileCOPA version 1.01.

Disable Anonymous Access
Disabling anonymous access may mitigate the impact of this vulnerability.

Restrict Access
Restricting network access to the server may prevent remote attackers from exploiting this vulnerability.

Systems Affected

Vendor	Status	Date Notified	Date Updated
Intervations, Inc.	Vulnerable	29-Sep-2006

References

http://secunia.com/secunia_research/2006-55/
http://secunia.com/advisories/21097/
http://www.filecopa-ftpserver.com/download.html

Credit

Thanks to Carsten Eiram, Secunia Research for reporting this vulnerability.

This document was written by Ryan Giobbi.

Other Information

Date Public:	2006-07-25
Date First Published:	2006-09-29
Date Last Updated:	2006-09-29
CERT Advisory:
CVE-ID(s):	CVE-2006-3768
NVD-ID(s):	CVE-2006-3768
US-CERT Technical Alerts:
Metric:	1.03
Document Revision:	27

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information

Get Adobe Reader