War FTP Daemon Remote Format String Vulnerability
Severity: : Critical
Advisory Date: 21 lipca 2015
DESCRIPTION
WarFTPD (War FTP Daemon) server could allow a remote attacker to execute arbitrary code on the system, caused by a format string vulnerability when handling malicious commands. By sending a specially-crafted USER or PASS command containing malicious format string specifiers, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause the application to crash.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005179
Trend Micro Deep Security DPI Rule Name: 1005179 - War FTP Daemon Format String Vulnerability
AFFECTED SOFTWARE AND VERSION:
- War FTP