This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
An FTP client on the remote host is affected by a stack-based buffer
The version of Core FTP installed on the remote host is prior to 2.2
build 1785. It is, therefore, affected by a stack-based buffer overflow
vulnerability because user-supplied input is not properly validated when
handling directory names via the 'CWD' command. A remote attacker could
potentially exploit this issue with specially crafted directory names,
resulting in a denial of service or code execution subject to the user's
See also :
Upgrade to Core FTP 2.2 build 1785 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false