WU-FTPD contains a flaw that may allow a remote attacker to execute arbitrary code. The issue occurs when the service runs in 'debug' mode and an attacker has control over ident information being returned to the server. By manipulating the ident data returned to the host when requested by RFC 931 based authentication, an attacker can provide custom data with user-supplied format string identifiers that are passed to the syslog facility. This can be abused to overwrite portions of the system memory and execute arbitrary code.

Upgrade to version 2.6.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• CVE ID: 2001-0187 (see also: NVD)
• Exploit Database: 20594
• Bugtraq ID: 2296
• ISS X-Force ID: 6020
• CERT VU: 639760
• CERT: CA-2001-33
• Vendor Specific Solution URL: ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch
• CIAC Advisory: m-032

Unknown or Incomplete