vendor:
War-FTPD
by:
hdm
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: War-FTPD
Affected Version From: 1.65
Affected Version To: 1.65
Patch Exists: NO
Related CWE: CVE-1999-0256
CPE: a:war-ftpd:war-ftpd:1.65
Platforms Tested: Windows
1998
War-FTPD 1.65 Password Overflow
This exploits the buffer overflow found in the PASS command in War-FTPD 1.65. This particular module will only work reliably against Windows 2000 targets. The server must be configured to allow anonymous logins for this exploit to succeed. A failed attempt will bring down the service completely.
Mitigation:
Patch or update to a non-vulnerable version of the software.