VULHUB ™

A remote stack-based buffer overrun has been reported for Wu-Ftpd. The problem occurs due to insufficient bounds checking when handling input within the SockPrintf() function. As a result, a remote attacker capable of creating a file path of excessive length, could potentially trigger the overrun. Successful exploitation of this vulnerability would ultimately allow for the execution of arbitrary code with the privileges of the Wu-Ftpd server, typically root. It should be noted that this vulnerability is not present within the default installation of Wu-Ftpd. The server must be configured using the 'MAIL_ADMIN' option to notify an administrator when a file has been uploaded.

A remote stack-based buffer overrun has been reported for Wu-Ftpd. The problem occurs due to insufficient bounds checking when handling input within the SockPrintf() function. As a result, a remote attacker capable of creating a file path of excessive length, could potentially trigger the overrun. Successful exploitation of this vulnerability would ultimately allow for the execution of arbitrary code with the privileges of the Wu-Ftpd server, typically root. It should be noted that this vulnerability is not present within the default installation of Wu-Ftpd. The server must be configured using the 'MAIL_ADMIN' option to notify an administrator when a file has been uploaded.