WFTP 3.21 Multiple Vulnerabilities (OF, DoS)

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

Arbitrary code may be run on the remote host.

Description :

The remote FTP server is vulnerable to at least two remote stack-based
overflows and two Denial of Service attacks. An attacker can use these
flaws to gain remote access to the WFTPD server.

Solution :

If you are using wftp, then upgrade to a version greater than 3.21 R1,
if you are not, then contact your vendor for a fix.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 12083 ()

Bugtraq ID: 9767

CVE ID: CVE-2004-0340
CVE-2004-0341
CVE-2004-0342