VULHUB ™

WFTPD is a popular FTP server developed by Texas Imperial Software for Windows systems. It has been reported that a buffer overflow condition exists in WFTPD. The condition is present when a user requests a 'LIST' of the current directory or 'LIST -d' of a directory. If this overrun occurs on the stack, it may be possible for malicious users to execute arbitrary code on the underlying host. At the very least attackers can use this vulnerability to crash WFTPD. If anonymous FTP is enabled, this vulnerability may be exploitable by anonymous users on the Internet without authentication. This vulnerability was reportedly discovered on and tested on version 3.00 R5 for Windows 95/98/Me. It is believed that other versions for all platforms are affected, but this has not been confirmed.

WFTPD is a popular FTP server developed by Texas Imperial Software for Windows systems. It has been reported that a buffer overflow condition exists in WFTPD. The condition is present when a user requests a 'LIST' of the current directory or 'LIST -d' of a directory. If this overrun occurs on the stack, it may be possible for malicious users to execute arbitrary code on the underlying host. At the very least attackers can use this vulnerability to crash WFTPD. If anonymous FTP is enabled, this vulnerability may be exploitable by anonymous users on the Internet without authentication. This vulnerability was reportedly discovered on and tested on version 3.00 R5 for Windows 95/98/Me. It is believed that other versions for all platforms are affected, but this has not been confirmed.