TNFTPD Multiple Signal Handler Remote Superuser Privilege Escalation
High Nessus Network Monitor Plugin ID 1854
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running TNFTPD, a port of the NetBSD FTP daemon. It is reported that this version of TNFTPD is vulnerable to multiple vulnerabilities in the signal handling functions. An attacker may remotely gain superuser privileges on the remote host. TNFTPD was formerly named lukemftpd.
SolutionUpgrade to tnftpd 20040810 or higher.