I'm scanning a Solaris 9 machine running wu-ftpd 2.6.2 (which Sun has rebundled and called SunFTPd 10). On scanning this machine (safe checks disabled, nessus 2.0.6a), I'm getting what seem to be false positives for vulnerabilities. Nessus is reporting vulnerabilities related to AIX FTPd and SunFTP 9. I haven't been able to find any reference of wu-ftpd 2.6.2 being vulnerable to these exploits. If this report is inaccurate, why is Nessus reporting this? If not, where can I find documentation of these vulnerabilities? The ftp vulnerabilities are listed below in entirety.
Thanks.

Vulnerability found on port ftp (21/tcp)
It was possible to make the remote FTP server crash by issuing this command :
CEL aaaa[...]aaaa
This problem is known has the 'AIX FTPd' overflow and may allow the remote user to easily gain access to the root (super-user) account on the remote system.
Solution : If you are using AIX FTPd, then read IBM's advisory number ERS-SVA-E01-1999:004.1, or contact your vendor for a patch.
Risk factor : High
CVE : CVE-1999-0789
BID : 679
Nessus ID : 10009

Vulnerability found on port ftp (21/tcp)
Buffer overflow in SunFTP build 9(1) allows remote attackers to cause a denial of service or possibly execute arbitrary commands by sending more than 2100 characters to the server.
Solution : Switching to another FTP server, SunFTP is discontinued.
Risk factor : High
CVE : CVE-2000-0856
BID : 1638
Nessus ID : 11373

Vulnerability found on port ftp (21/tcp)
The remote FTP server closes the connection when one of the commands is given a too long argument. This probably due to a buffer overflow, which allows anyone to execute arbitrary code on the remote host. This problem is threatening, because the attackers don't need an account to exploit this flaw.
Solution : Upgrade your FTP server or change it
Risk factor : High
CVE : CAN-2000-0133, CVE-2000-0943, CAN-2002-0126, CVE-2000-0870
BID : 961, 1858, 3884, 7251, 7278, 7307
Nessus ID : 10084

Information found on port ftp (21/tcp)
An FTP server is running on this port. Here is its banner :
220 FTP server ready.
Nessus ID : 10330

Information found on port ftp (21/tcp)
Remote FTP server banner : 220 FTP server ready.
Nessus ID : 10092
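As an added triage helper (not part of the original post, and not Nessus code), here is a parser for the flat Nessus 2.x text layout shown above that turns each finding into a record and then, under an assumed rule of my own (a High-risk finding on a port whose banner carries no version string cannot be confirmed by version correlation), lists the plugin IDs that still need a hands-on check against the installed wu-ftpd version. The sample report is re-typed from the post with one field per line and trimmed to the fields the parser reads.

```python
import re

# Constructed sample: the Nessus 2.x text report from the post, re-typed one
# field per line and trimmed to the fields the parser needs.
REPORT = """\
Vulnerability found on port ftp (21/tcp)
Risk factor : High
CVE : CVE-1999-0789
BID : 679
Nessus ID : 10009
Vulnerability found on port ftp (21/tcp)
Risk factor : High
CVE : CAN-2000-0133, CVE-2000-0943, CAN-2002-0126, CVE-2000-0870
BID : 961, 1858, 3884, 7251, 7278, 7307
Nessus ID : 10084
Information found on port ftp (21/tcp)
Remote FTP server banner : 220 FTP server ready.
Nessus ID : 10092
"""

# Report field label -> key in the finding dict; cves/bids are split on ","
FIELDS = {"Risk factor": "risk", "CVE": "cves", "BID": "bids", "Nessus ID": "plugin_id"}

def parse_report(text):
    """Split a flat Nessus 2.x text report into one dict per finding."""
    findings, cur = [], None
    for line in text.splitlines():
        m = re.match(r"(Vulnerability|Information) found on port (.+)", line)
        if m:
            cur = {"kind": m.group(1), "port": m.group(2).strip(),
                   "cves": [], "bids": [], "banner": ""}
            findings.append(cur)
            continue
        label, _, value = line.partition(" : ")
        if cur is None or not value:
            continue
        if label in FIELDS:
            key = FIELDS[label]
            cur[key] = ([v.strip() for v in value.split(",")]
                        if key in ("cves", "bids") else value.strip())
        elif label.endswith("banner"):
            cur["banner"] = value.strip()
    return findings

def needs_manual_check(findings):
    """Assumed triage rule (not Nessus's): a High finding on a port whose banner
    carries no version string cannot be confirmed by version correlation."""
    banners = {f["port"]: f["banner"] for f in findings if f["banner"]}
    return [f["plugin_id"] for f in findings
            if f["kind"] == "Vulnerability" and f.get("risk") == "High"
            and not re.search(r"\d+\.\d+", banners.get(f["port"], ""))]
```

On the report above both High findings land in the manual-check list because the banner "220 FTP server ready." names neither product nor version, which is the situation that makes version-based confirmation impossible.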
