id: CVE-2020-9365

info:
  name: Pure-FTPd 1.0.24 - Security Vulnerability
  author: pussycat0x
  severity: medium
  description: |
    Pure-FTPd 1.0.24 contains security vulnerabilities that could allow attackers to exploit the FTP server. This version is known to have various security issues that could lead to unauthorized access or other security implications.
  impact: |
    Attackers can exploit various security vulnerabilities in Pure-FTPd 1.0.24 to potentially gain unauthorized access to the FTP server or compromise its security.
  remediation: |
    Upgrade to Pure-FTPd version 1.0.25 or later to address the security vulnerabilities present in version 1.0.24.
  metadata:
    verified: true
    shodan-query: product:"Pure-FTPd" version:"1.0.24"
    max-request: 1
  tags: cve,cve2020,network,ftp,pure-ftpd,tcp,passive,vuln

tcp:
  - inputs:
      - data: 00000000
        type: hex

    host:
      - "{{Hostname}}"
    port: 21
    read-size: 1024

    matchers:
      - type: dsl
        dsl:
          - "contains(raw, 'Pure-FTPd')"
          - "contains(version, '1.0.24')"
        condition: and

    extractors:
      - type: regex
        group: 1
        name: version
        regex:
          - "Pure-FTPd ([0-9.]+)"
# digest: 490a0046304402201b689feda9504e209bd84649be68bf0b725b18cb9bed6de4ced13b9b5fe4a37602200f488633de69ae319fa217b7911ec509c987d06083cca463e4cdb7282d64bc43:922c64590222798bb761d5b6d8e72950