Ravens PHP Scripts

War FTP Daemon Unspecified Buffer Overflow Vulnerability
Date: Wednesday, March 14, 2007 @ 12:53:23 PDT
Topic: Security


SECUNIA ADVISORY ID: SA24494

VERIFY ADVISORY: http://secunia.com/advisories/24494/

CRITICAL: Highly critical

IMPACT: DoS, System access

WHERE: >From remote

SOFTWARE: War FTP Daemon 1.6x - http://secunia.com/product/1998/

DESCRIPTION: Immunity has reported a vulnerability in WarFTP Daemon, which potentially can be exploited by malicious people to compromise a vulnerable system.



The vulnerability is caused due to an unspecified error prior to authentication and can be exploited to cause a stack-based buffer overflow. The vulnerability is reported in version 1.65. Other versions may also be affected.

SOLUTION: The vendor recommends using the version 1.80 series. Restrict access to the FTP service.

PROVIDED AND/OR DISCOVERED BY: Immunity, Inc.






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2807