Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC Port Details:


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Graph

[show ascii data]
Graph Criteria
  • Start Date:
  • End Date:
  • Port:
  • Left Y Axis:
  • Right Y Axis:

Port Information

Protocol Service Name
udp ftp File Transfer [Control]
tcp ftp File Transfer [Control]
tcp NetAdministrator [trojan] Net Administrator
tcp Ramen [trojan] Ramen
tcp RTB666 [trojan] RTB 666
tcp SennaSpyFTPserver [trojan] Senna Spy FTP server
tcp Traitor21 [trojan] Traitor 21
tcp [trojan]TheFlu [trojan] The Flu
tcp WebEx [trojan] WebEx
tcp WinCrash [trojan] WinCrash
tcp AudioGalaxy AudioGalaxy file sharing app
tcp MotIvFTP [trojan] MotIv FTP
tcp Larva [trojan] Larva
tcp BladeRunner [trojan] BladeRunner
tcp CattivikFTPServer [trojan] Cattivik FTP Server
tcp CCInvader [trojan] CC Invader
tcp DarkFTP [trojan] Dark FTP
tcp DolyTrojan [trojan] Doly Trojan
tcp Fore [trojan] Fore
tcp FreddyK [trojan] FreddyK
tcp InvisibleFTP [trojan] Invisible FTP
tcp Juggernaut42 [trojan] Juggernaut 42
tcp BackConstruction [trojan] Back Construction
[get complete service list]

User Comment

Submitted By Date
Comment
Johannes Ullrich 2007-02-12 12:31:02
A new very trivial exploit for telnet on Solaris 10/11 was made public Feb. 11th 2007.
Add a comment

CVE Links

CVE # Description
CVE-1999-80 "Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands
CVE-1999-82 "CWD ~root command in ftpd allows root access."
CVE-1999-202 "The GNU tar command
CVE-1999-219 "Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command."
CVE-1999-349 "A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and
CVE-1999-368 "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access
CVE-1999-789 "Buffer overflow in AIX ftpd in the libc library."
CVE-1999-800 "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
CVE-1999-838 "Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command."
CVE-1999-880 "Denial of service in WU-FTPD via the SITE NEWER command
CVE-1999-911 "Buffer overflow in ProFTPD
CVE-1999-997 "wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion
CVE-1999-1510 "Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service
CVE-1999-1519 "Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password."
CVE-1999-1544 "Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command."
CVE-2000-40 "glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command."
CVE-2000-133 "Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR
CVE-2000-573 "The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string
CVE-2000-699 "Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command."
CVE-2001-53 "One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges."
CVE-2001-54 "Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as ""/..%20."" to a CD command
CVE-2001-65 "Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command."
CVE-2001-325 "Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command."
CVE-2001-421 "FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory
CVE-2001-550 "wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a ""~{"" argument to commands such as CWD
CVE-2001-680 "Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a ""dot dot"" attack in a LIST (ls) command."
CVE-2001-826 "Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP
CVE-2001-1021 "Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE
CVE-2002-73 "The FTP service in Internet Information Server (IIS) 4.0
CVE-2002-606 "Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login."
CVE-2002-826 "Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command."
CVE-2003-392 "Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:)."
CVE-2003-466 "Off-by-one error in the fb_realpath() function
CVE-2003-853 "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value
CVE-2004-277 "Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username."