Intrusion Prevention

WuFTP.Glob.Filename.Buffer.Overflow

Description

It indicates an attempt to exploit a heap corruption vulnerability in Washington University FTP daemon (wu-ftpd).
Wu-ftpd is a popular file transfer protocol daemon originated in Washington University. There exists a vulnerability in the globbing function that allows attackers to execute arbitrary commands via certain carefully-constructed FTP comands.

Affected Products

Any unprotected wu-ftpd 2.6.0 or 2.6.1 is vulnerable to the attack.

Impact

Attackers can execute arbitrary commands on the victim system.

Recommended Actions

Upgrade to the latest non-vulnerable version of the software.

Disable anonymous FTP access unless absolutely required.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2024-07-22	28.830	Modified	Name:WuFTP. Glob. Filename. Heap. Overflow:WuFTP. Glob. Filename. Buffer. Overflow

References

ID	12093
Created	Aug 03, 2006
Updated	Jul 18, 2024
CVE ID
Risk
Exploit Prediction Score	60.88%
Default Action	drop
Active
Affected OS	Linux, BSD, Other
Affected App	Other
Profile Type	Buffer Errors

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

WuFTP.Glob.Filename.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

WuFTP.Glob.Filename.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Threat Intelligence
Center