The version of War FTP Daemon running on this host contains a buffer overflow in the code that handles the USER and PASS commands. A potential intruder could use this vulnerability to crash the server, as well as run arbitrary commands on the system.
Upgrade to the latest release of the War FTP Daemon available from the following web site: http://www.jgaa.com/
- Golden FTP Server Malformed Message Denial Of Service Vulnerability
- War FTP Daemon 'USER' and 'PASS' Remote Format String Vulnerability
- ActFax FTP Server Post Auth 'RETR' Command Denial of Service Vulnerability
- SamiFTP Server 'RETR' Command Denial of Service Vulnerability
- Serv-U FTP Server SITE CHMOD Command Stack Overflow Vulnerability