Vulnerability: Washington University FTP daemon (WU-FTPD)

Internet Security Systems has issued a report detailing a proof of concept exploit for a vulnerability in Washington University's FTP daemon (WU-FTPD).

The WU-FTPD daemon allows users to transfer files to and from the system running the service, using the File Transport Protocol (FTP). Many popular Linux distributions are shipped with WU-FTPD running by default.

A vulnerability exists that may allow attackers to execute arbitrary code with the privileges of the FTP daemon (most often root), resulting in a complete system compromise.

For full information of which Linux distributions and versions are affected, go to: information can also be found at

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CERT AustraliaInternet Security SystemsISS GroupSecurity Systems

Show Comments