WarFTPd ODBC Execute Administrative Commands

2000-01-08T00:00:00
ID OSVDB:4678
Type osvdb
Reporter OSVDB
Modified 2000-01-08T00:00:00

Description

Vulnerability Description

WarFTPd contains a flaw that may allow a remote attacker to execute system commands with administrative privileges or access any file on the local machine. The issue is due to a flaw in the ODBC driver. No further details have been provided.

Solution Description

Upgrade to version 1.70 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

WarFTPd contains a flaw that may allow a remote attacker to execute system commands with administrative privileges or access any file on the local machine. The issue is due to a flaw in the ODBC driver. No further details have been provided.

References:

Vendor URL: http://support.jgaa.com/ Vendor Specific Advisory URL