WarFTPd CWD/MKD Command Overflow

This script is Copyright (C) 2003-2011 Digital Defense, Inc.

Synopsis :

The remote FTP service is prone to a buffer overflow attack.

Description :

The version of the War FTP Daemon running on this host is vulnerable
to a buffer overflow attack. This is due to improper bounds checking
within the code that handles both the CWD and MKD commands. By
exploiting this vulnerability, it is possible to crash the server.

See also :


Solution :

Upgrade to WarFTPd version 1.67-4 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 11205 (DDI_warftpd_cwd_overflow.nasl)

Bugtraq ID: 966

CVE ID: CVE-2000-0131

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial