War-FTPd 1.6x CWD/MKD DoS Vulnerability

War-FTPd 1.67 and possibly previous versions are susceptible to a buffer overflow DoS attack.

Due to improper bounds checking in the code that handles MKD and CWD commands, it is possible to remotely crash the server by submitting extremely long pathnames as arguments to either command.


 

Privacy Statement
Copyright 2010, SecurityFocus