| VID |
16019 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The FTP server is vulnerable to a remote command execution vulnerability via the SITE EXEC command. Some FTP servers could allow a remote attacker to execute system commands with root privilege, caused by improper validation of the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access.
* References:
http://www.cert.org/advisories/CA-1994-08.html
http://www.cert.org/advisories/CA-1995-16.html |
| Recommendation |
Upgrade your wu-ftpd server (<= 2.6.0 are vulnerables) or disable any access from untrusted users (especially anonymous). |
| Related URL |
CVE-1999-0080 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
