Synopsis :

The remote host is running an FTP server with a remote root vulnerability.

Description :

The version of WU-FTPD hosted on the remote server does not properly
sanitize the argument of the SITE EXEC command. It may be possible for
a remote attacker to gain root access.

See also :

http://marc.info/?l=bugtraq&m=96171893218000&w=2

Solution :

Upgrade to WU-FTPD version 2.6.1 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true