Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WU-FTPD < 2.6.3 Multiple Vulnerabilities

Medium

Synopsis

An attacker may be able to access directories outside the FTP root

Description

The remote host is running wu-ftpd 2.6.2 or older. There is a bug in this version which may allow an attacker to bypass the restricted-gid feature and gain unauthorized access to otherwise restricted directories. In addition, this version is prone to a remote overflow in the S/KEY authentication.

Solution

Upgrade to wu-ftpd 2.6.3 or later.