WarFTPd CWD/MKD Command Overflow

This script is Copyright (C) 2003-2011 Digital Defense, Inc.

Synopsis :

The remote FTP service is prone to a buffer overflow attack.

Description :

The version of the War FTP Daemon running on this host is vulnerable
to a buffer overflow attack. This is due to improper bounds checking
within the code that handles both the CWD and MKD commands. By
exploiting this vulnerability, it is possible to crash the server.

See also :


Solution :

Upgrade to WarFTPd version 1.67-4 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 11205 (DDI_warftpd_cwd_overflow.nasl)

Bugtraq ID: 966

CVE ID: CVE-2000-0131

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now