WFTP 3.21 Multiple Vulnerabilities (OF, DoS)

High Nessus Plugin ID 12083


Arbitrary code may be run on the remote host.


The remote FTP server is vulnerable to at least two remote stack-based overflows and two Denial of Service attacks. An attacker can use these flaws to gain remote access to the WFTPD server.


If you are using wftp, then upgrade to a version greater than 3.21 R1, if you are not, then contact your vendor for a fix.

Plugin Details

Severity: High

ID: 12083

File Name: wftp_321_overflow.nasl

Version: $Revision: 1.22 $

Type: remote

Family: FTP

Published: 2004/02/29

Modified: 2016/05/04

Dependencies: 10079, 10092

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/02/28

Reference Information

CVE: CVE-2004-0340, CVE-2004-0341, CVE-2004-0342

BID: 9767

OSVDB: 4114, 4115, 4116, 14763, 14764, 14765