Vulnerability: Washington University FTP daemon (WU-FTPD)

Internet Security Systems has issued a report detailing a proof of concept exploit for a vulnerability in Washington University's FTP daemon (WU-FTPD).

The WU-FTPD daemon allows users to transfer files to and from the system running the service, using the File Transport Protocol (FTP). Many popular Linux distributions are shipped with WU-FTPD running by default.

A vulnerability exists that may allow attackers to execute arbitrary code with the privileges of the FTP daemon (most often root), resulting in a complete system compromise.

For full information of which Linux distributions and versions are affected, go to: information can also be found at

Join the newsletter!

Error: Please check your email address.

More about CERT AustraliaInternet Security SystemsISS GroupSecurity Systems

Show Comments