War FTP Daemon Unspecified Buffer Overflow Vulnerability

Posted on Wednesday, March 14, 2007 @ 11:53:23 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA24494

VERIFY ADVISORY: http://secunia.com/advisories/24494/

CRITICAL: Highly critical

IMPACT: DoS, System access

WHERE: From remote

SOFTWARE: War FTP Daemon 1.6x - http://secunia.com/product/1998/

DESCRIPTION: Immunity has reported a vulnerability in WarFTP Daemon, which can potentially be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused by an unspecified error that occurs prior to authentication and can be exploited to cause a stack-based buffer overflow. The vulnerability is reported in version 1.65. Other versions may also be affected.

SOLUTION: The vendor recommends using the version 1.80 series. Restrict access to the FTP service.

PROVIDED AND/OR DISCOVERED BY: Immunity, Inc.