ID
VAR-E-200812-1307
TITLE
Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
Trust: 0.3
DESCRIPTION
Maxum Rumpus is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application, possibly with root privileges. Failed exploit attempts will result in a denial-of-service condition.
Versions prior to Rumpus 6.0.1 are vulnerable.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | maxum | model: | rumpus ftp server | scope: | eq | version: | 6.0 | Trust: 0.3 |
| vendor: | maxum | model: | rumpus ftp server | scope: | ne | version: | 6.0.1 | Trust: 0.3 |
EXPLOIT
The following proof of concept is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/32558.txt">/data/vulnerabilities/exploits/32558.txt</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Boundary Condition Error
Trust: 0.3
CREDITS
Blue Moon Consulting
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 32558 | Trust: 0.3 |
REFERENCES
| url: | http://www.maxum.com/rumpus/ | Trust: 0.3 |
| url: | http://www.maxum.com/rumpus/news601.html | Trust: 0.3 |
SOURCES
| db: | BID | id: | 32558 |
LAST UPDATE DATE
2022-07-27T10:01:50.715000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 32558 | date: | 2008-12-01T23:53:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 32558 | date: | 2008-12-01T00:00:00 |