Nessus Plugin #11205
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
War FTP Daemon CWD/MKD Buffer Overflow
- Family:
- FTP
- Category:
- attack
- Copyright:
- This script is Copyright (C) 2003 Digital Defense, Inc.
- Summary:
- War FTP Daemon CWD/MKD Buffer Overflow
- Version:
- $Revision: 1.4 $
- Cve_id:
- CVE-2000-0131
- Bugtraq_id:
- 966
- Xrefs:
- -
- Description:
The version of the War FTP Daemon running on this host is vulnerable to a
buffer overflow attack. This is due to improper bounds checking within the
code that handles both the CWD and MKD commands. By exploiting this
vulnerability, it is possible to crash the server, and potentially run
arbitrary commands on this system.
Solution:
Visit the following link and download the latest version of WarFTPd:
ftp://ftp.jgaa.com/pub/products/Windows/WarFtpDaemon/
Risk factor: High
Generiert am 27.04.2005 um 18:49:54 Uhr.