Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

War FTP Daemon < 1.67b5 Traversal Arbitrary Directory Access

Medium

Synopsis

The remote host is vulnerable to a flaw which allows attackers to retrieve sensitive files or data.

Description

The version of WarFTPd running on this host contains a vulnerability that may allow a potential intruder to gain read access to directories and files outside of the ftp root. By sending a specially crafted 'dir' command, the server may disclose an arbitrary directory.

Solution

Upgrade to version 1.67b5 or higher.