War FTP Daemon Log Messages Denial of Service Vulnerability

Bugtraq ID:	58182
Class:	Boundary Condition Error
CVE:	CVE-2013-2278
Remote:	Yes
Local:	No
Published:	Feb 26 2013 12:00AM
Updated:	Apr 08 2014 06:07AM
Credit:	jura.ba
Vulnerable:	War FTP Daemon War FTP Daemon 1.82 RC9 War FTP Daemon War FTP Daemon 1.82 RC11 War FTP Daemon War FTP Daemon 1.82 RC10 War FTP Daemon War FTP Daemon 1.82.0 RC13 War FTP Daemon War FTP Daemon 1.82.0 RC12
Not Vulnerable:

War FTP Daemon Log Messages Denial of Service Vulnerability

War FTP Daemon is prone to a denial-of-service vulnerability.

Attackers may leverage this issue to crash the application, denying service to legitimate users. Due to the nature of this issue, arbitrary code execution may be possible, but this has not been confirmed.

War FTP Daemon 1.82.x are vulnerable; other versions may also be affected.

War FTP Daemon Log Messages Denial of Service Vulnerability

Attackers can use readily available tools to exploit this issue.

War FTP Daemon Log Messages Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

War FTP Daemon Log Messages Denial of Service Vulnerability

References:

• Security-upgrade of War FTP Daemon 1.82 (War FTP)
  
• War FTP HomePage (War FTP)
  
• Denial of Service vulnerability in War FTP Daemon 1.82 (Jarle Aase)