WU-FTPD rnfr File Overwrite
High Nessus Plugin ID 14302
SynopsisThe remote FTP server has a file overwrite vulnerability.
DescriptionThe remote WU-FTPD server seems to be vulnerable to a remote flaw.
This version contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when an attacker sends a specially formatted rnfr command. This flaw will allow a remote attacker to overwrite any file on the system.
*** Nessus solely relied on the banner of the remote server
*** to issue this warning, so it may be a false positive.
SolutionUpgrade to WU-FTPD 2.4.2 or newer.