WarFTPd USER/PASS Command Remote Overflow

This script is Copyright (C) 2003-2015 Digital Defense, Inc.

Synopsis :

Arbitrary code can be run on the remote FTP server.

Description :

The version of War FTP Daemon running on this host contains a buffer
overflow in the code that handles the USER and PASS commands. A
potential intruder could use this vulnerability to crash the server,
as well as run arbitrary commands on the system.

Solution :

Upgrade to WarFTPd version 1.66x4 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 11207 (DDI_warftpd_user_overflow.nasl)

Bugtraq ID: 10078

CVE ID: CVE-1999-0256

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now