WFTP 3.21 Multiple Vulnerabilities (OF, DoS)

high Nessus Plugin ID 12083

Language:

Synopsis

Arbitrary code may be run on the remote host.

Description

The remote FTP server is vulnerable to at least two remote stack-based overflows and two Denial of Service attacks. An attacker can use these flaws to gain remote access to the WFTPD server.

Solution

If you are using wftp, then upgrade to a version greater than 3.21 R1, if you are not, then contact your vendor for a fix.

Plugin Details

Severity: High

ID: 12083

File Name: wftp_321_overflow.nasl

Version: 1.23

Type: remote

Family: FTP

Published: 2/29/2004

Updated: 8/6/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/28/2004

Reference Information

CVE: CVE-2004-0340, CVE-2004-0341, CVE-2004-0342

BID: 9767

Detections

Analytics