From: Pierre C. <chi...@cp...> - 2007-01-31 09:55:08
Date: Jan 19 2007
Topic: Unspecified Bug Lets Remote Users Cause Denial of Service Conditions
Systems affected: wzdftpd 0.8.0
Platforms: all
Severity: medium to high
Fixed: wzdftpd 0.8.1

Description:
A bug was found in the command parser, resulting in a server crash if the user sends a specially crafted FTP command. This requires an authenticated user.
Jose Miguel Esparza of S21Sec discovered this vulnerability. The original advisory is available at: http://www.s21sec.com/avisos/s21sec-033-en.txt

Impact:
A remote attacker can cause the server to crash, or a denial-of-service situation. We believe that the vulnerability can not be exploited.

Solution:
Upgrade to version 0.8.1
As a workaround, you can add a "key != NULL" condition in the chtbl_lookup function of the 'libwzd-base/hash.c' file

The wzdftpd team.
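
The workaround above, shown as an added C sketch that is not wzdftpd's code: a small chained hash table whose lookup rejects a NULL key before hashing it. The struct layout, the `demo_` names and the return codes are assumptions, as is the premise that an unguarded lookup would dereference the key.

```c
/* Added illustration, not wzdftpd source: all names here are hypothetical. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define DEMO_BUCKETS 16

struct demo_node { const char *key; void *data; struct demo_node *next; };
struct demo_chtbl { struct demo_node *buckets[DEMO_BUCKETS]; };

/* Hashes a NUL-terminated key. It dereferences key, so key must not be NULL. */
static unsigned demo_hash(const char *key)
{
    unsigned h = 5381;
    while (*key)
        h = h * 33u + (unsigned char)*key++;
    return h % DEMO_BUCKETS;
}

/* Returns 0 on success, -1 on invalid arguments or allocation failure. */
int demo_chtbl_insert(struct demo_chtbl *t, const char *key, void *data)
{
    struct demo_node *n;
    unsigned b;
    if (t == NULL || key == NULL)
        return -1;
    n = malloc(sizeof *n);
    if (n == NULL)
        return -1;
    b = demo_hash(key);
    n->key = key;
    n->data = data;
    n->next = t->buckets[b];
    t->buckets[b] = n;
    return 0;
}

/* Returns 0 and sets *data if found, 1 if absent, -1 on invalid arguments. */
int demo_chtbl_lookup(const struct demo_chtbl *t, const char *key, void **data)
{
    const struct demo_node *n;
    if (t == NULL || key == NULL || data == NULL) /* the "key != NULL" guard */
        return -1;
    for (n = t->buckets[demo_hash(key)]; n != NULL; n = n->next) {
        if (strcmp(n->key, key) == 0) {
            *data = n->data;
            return 0;
        }
    }
    return 1;
}
```

Callers should treat the -1 return as a rejected request rather than as "not found", so a missing argument is answered with an error instead of reaching the hash function.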