Rumpus FTP Server Multiple Vulnerabilities
BID:22126
Info
Rumpus FTP Server Multiple Vulnerabilities
| Bugtraq ID: | 22126 |
| Class: | Unknown |
| CVE: |
CVE-2007-0019 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jan 18 2007 12:00AM |
| Updated: | Sep 13 2007 03:01AM |
| Credit: | These vulnerabilities were discovered by LMH <lmh [at] info-pull.com> and Kevin Finisterre. |
| Vulnerable: |
Maxum Rumpus FTP Server 2.0.3 dev Maxum Rumpus FTP Server 1.3.6 Maxum Rumpus FTP Server 1.3.5 Maxum Rumpus FTP Server 1.3.4 Maxum Rumpus FTP Server 1.3.2 Maxum Rumpus FTP Server 5.1 Maxum Rumpus FTP Server 5.0 |
| Not Vulnerable: |
Maxum Rumpus FTP Server 5.1.1 |
Discussion
Rumpus FTP Server Multiple Vulnerabilities
Rumpus is prone to multiple vulnerabilities, including multiple remote heap-overflow issues, denial-of-service issues, and local privilege-escalation issues. The remote issues affect the FTP and HTTP components of the server.
Since Rumpus runs with superuser privileges, a successful attack may facilitate the complete compromise of affected computers.
Rumpus 5.1 and prior versions are vulnerable to these issues.
Rumpus is prone to multiple vulnerabilities, including multiple remote heap-overflow issues, denial-of-service issues, and local privilege-escalation issues. The remote issues affect the FTP and HTTP components of the server.
Since Rumpus runs with superuser privileges, a successful attack may facilitate the complete compromise of affected computers.
Rumpus 5.1 and prior versions are vulnerable to these issues.
Exploit / POC
Rumpus FTP Server Multiple Vulnerabilities
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
Rumpus FTP Server Multiple Vulnerabilities
Solution:
The vendor released Rumpus 5.1.1 to address these issues. Please contact the vendor for information on how to obtain and apply this update.
Solution:
The vendor released Rumpus 5.1.1 to address these issues. Please contact the vendor for information on how to obtain and apply this update.
References
Rumpus FTP Server Multiple Vulnerabilities
References:
References: