PT-2003-2272 · Washington University · Wu-Ftpd

Published 2003-12-31 · Updated 2017-07-29 · CVE-2003-1327

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

wu-ftpd versions 2.6.2 and earlier

Description

A buffer overflow exists in the SockPrintf function. It occurs when wu-ftpd is compiled with the MAIL_ADMIN option enabled on a system that supports very long pathnames. Remote anonymous users might be able to execute arbitrary code by uploading a file with a long pathname. The overflow is triggered when wu-ftpd constructs a notification message to the administrator.

Recommendations

For wu-ftpd versions 2.6.2 and earlier, consider disabling the MAIL_ADMIN option as a temporary workaround until a patch is available. Restrict uploads of files with long pathnames to minimize the risk of exploitation.
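
The bug class described above is a formatted write of an attacker-influenced pathname into a buffer whose size does not depend on that pathname. The following is an added example of bounded formatting for such a notification line; it is not wu-ftpd code, and the function names, the "File: %s" message text and the sample pathname are assumptions constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fixed buffer (hypothetical name): -1 rather than overflow or truncation. */
int format_notice_fixed(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);   /* never writes past cap */
    va_end(ap);
    if (n < 0 || (size_t)n >= cap) {        /* error, or text did not fit */
        if (cap) dst[0] = '\0';
        return -1;
    }
    return n;
}

/* Heap variant (hypothetical name): measure first, then allocate exactly. */
char *format_notice(size_t *out_len, const char *fmt, ...)
{
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);
    int need = vsnprintf(NULL, 0, fmt, ap); /* length only, nothing written */
    va_end(ap);
    char *buf = need < 0 ? NULL : malloc((size_t)need + 1);
    if (buf) vsnprintf(buf, (size_t)need + 1, fmt, ap2);
    va_end(ap2);
    if (buf && out_len) *out_len = (size_t)need;
    return buf;
}

/* Constructed input: an n-byte pathname made of 255-byte components. */
char *make_long_path(size_t n)
{
    char *p = malloc(n + 1);
    if (!p) return NULL;
    for (size_t i = 0; i < n; i++) p[i] = (i % 256 == 0) ? '/' : 'd';
    p[n] = '\0';
    return p;
}
int main(void)
{
    char line[128], *path = make_long_path(40000);
    if (path) printf("%d\n", format_notice_fixed(line, sizeof line, "File: %s\r\n", path));
    free(path);
    return 0;
}
```

The fixed-buffer variant suits code that must not allocate; the caller has to treat -1 as "do not send this notification as formatted" rather than ignore it.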


Related Identifiers

CVE-2003-1327

Affected Products

Wu-Ftpd