War FTP Daemon USER/PASS Overflow Network Vulnerability

Summary

The version of War FTP Daemon running on this host contains a buffer overflow in the code that handles the USER and PASS commands. A potential intruder could use this vulnerability to crash the server, as well as run arbitrary commands on the system.

Solution

Upgrade to the latest release of the War FTP Daemon available from the following web site: http://www.jgaa.com/

Severity

Classification

CVE CVE-1999-0256
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Flash FTP Server Directory Traversal Vulnerability
WS FTP server FTP bounce attack and PASV connection hijacking flaw
Serv-U Multiple Security Vulnerabilities
FreshWebMaster Fresh FTP Filename Directory Traversal Vulnerability
SmartFTP Filename Processing Unspecified Vulnerability

Take action and discover your vulnerabilities