WU-FTPD fb_realpath() Function Off-by-one Overflow
Critical Nessus Plugin ID 11811
Synopsis
The remote FTP server is affected by a buffer overflow vulnerability.
Description
The remote WU-FTPD server seems to be vulnerable to an off-by-one overflow when dealing with huge directory structures.
An attacker may exploit this flaw to obtain a shell on this host.
Note that Nessus relied solely on the banner of the remote server to issue this warning, so it may be a false positive, especially if the patch has already been applied.
Solution
Apply the realpath.patch patch.