HighCheck or Attack Name: WarFTPD
WarFTPD is a popular FTP server for Windows 95/98 and Windows NT machines. A buffer overflow exists in the way WarFTP handles the USER and PASS commands, allowing a remote attacker to execute arbitrary commands on the server. Versions 1.65 and previous, in addition to 1.66x3 and previous, are vulnerable to this flaw.
Upgrade to the latest version of WarFTPD.
Jgaa's Internet - Bugreports and bugfixes: R0046, War FTP Daemon v. 1.* R0046, http://war.jgaa.com:8080/bugreport/r0046.html
Jgaa's Internet, Download Software, http://www.jgaa.com/downloadpage.htm#locations
