Secunia Advisory: SA14054

MC.Iglo has discovered a vulnerability in War FTP Daemon, which can be exploited by malicious people to cause a DoS (Denial of Service).

Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch

The vulnerability is caused due to an error in the handling of certain commands. This can be exploited to crash a vulnerable service by supplying a specially crafted string as argument to e.g. the “CWD” or “USER” commands.

The vulnerability has been confirmed on version 1.82.00-RC9. Versions 1.70 through 1.82.00-RC8 are reportedly also affected.

Solution: Update to version 1.82.00-RC10.