WU-FTPD Unspecified Security Issue

high Nessus Plugin ID 11332

Synopsis

The remote FTP server has an unspecified remote vulnerability.

Description

The version of WU-FTPD running on the remote host has an unspecified remote vulnerability. This is reportedly due to an unspecified bug in glob.c discovered by the SuSE security team.

Nessus verified this vulnerability by looking at the banner of the remote FTP server.

Solution

Upgrade to WU-FTPD version 2.6.1 or later.

Plugin Details

Severity: High

ID: 11332

File Name: wu_ftpd_glob.nasl

Version: 1.17

Type: remote

Family: FTP

Published: 3/9/2003

Updated: 8/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:washington_university:wu-ftpd

Required KB Items: ftp/login, ftp/wuftpd, Settings/ParanoidReport

Vulnerability Publication Date: 11/28/2001

Reference Information

CVE: CVE-2001-0935