War FTP Daemon Remote Format String Vulnerability
Gravité: : Critique
Date du conseil: 21 juillet 2015
Description
WarFTPD (War FTP Daemon) server could allow a remote attacker to execute arbitrary code on the system, caused by a format string vulnerability when handling malicious commands. By sending a specially-crafted USER or PASS command containing malicious format string specifiers, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause the application to crash.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1005179
Trend Micro Deep Security DPI Rule Name: 1005179 - War FTP Daemon Format String Vulnerability
Affected software and version:
- War FTP