FTP_Site_tar

 

Code: p35

Severity: Warning

 

Description: Certain versions of wu-ftpd allow the SITE EXEC command to be used to execute commands on a remote machine. A command-line option to the GNU tar program lets a user with FTP access execute arbitrary commands on an FTP server through this command.

Impact: This attack allows an attacker to execute commands on the target system, which can lead to root-level access.

Corrective: This signature will also display the commands that the attacker executed. Examine these commands carefully. If they represent a threat to the target host, based on its vulnerability level, consider the machine compromised and take appropriate action.
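
The command review described under Corrective can be partly automated. The following is an added example, not part of the signature documentation: it pulls every SITE EXEC request out of FTP command logs and marks tar invocations that carry options so they are examined first. The log line format, the function names and the sample lines (including the placeholder option) are assumptions constructed for illustration.

```python
import posixpath
import re
import shlex

# Finds the FTP command anywhere in a log line, in any letter case.
SITE_EXEC = re.compile(r"\bSITE\s+EXEC\s+(?P<cmd>.+)", re.IGNORECASE)

# Constructed sample lines; the syslog-style prefix is an assumption.
SAMPLE_LOG = [
    "Jan 01 00:00:01 ftphost ftpd[101]: USER anonymous",
    "Jan 01 00:00:05 ftphost ftpd[101]: SITE EXEC ls -l",
    "Jan 01 00:00:09 ftphost ftpd[101]: site exec /bin/tar -c -f out.tar --EXAMPLE-OPTION=value pub",
    'Jan 01 00:00:15 ftphost ftpd[101]: SITE EXEC tar "unterminated',
]

def parse_command(cmd):
    """Split a command string into argv; fall back to whitespace on bad quoting."""
    try:
        return shlex.split(cmd)
    except ValueError:
        return cmd.split()

def triage(lines):
    """Return one record per SITE EXEC request, marking tar runs that carry options."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        match = SITE_EXEC.search(line)
        if not match:
            continue
        cmd = match.group("cmd").strip()
        argv = parse_command(cmd)
        if not argv:
            continue
        program = posixpath.basename(argv[0]).lower()  # "/bin/tar" and "tar" compare alike
        options = [arg for arg in argv[1:] if arg.startswith("-")]
        hits.append({
            "line": lineno,
            "command": cmd,
            "program": program,
            "options": options,
            "tar_with_options": program == "tar" and bool(options),
        })
    return hits

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print("REVIEW FIRST" if hit["tar_with_options"] else "review", hit["line"], hit["command"])
```

Every SITE EXEC request is returned for review, not only the tar ones, since any command run through this path on an affected server deserves a look.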