CVE-2013-2278 — HIGH (10.0)

Vulnerability Description

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Jgaa	Warftpd	1.8.2

References

http://www.securityfocus.com/archive/1/525830
http://www.warftp.org/index.php?cmd=show_article&article_id=1035PatchVendor Advisory
http://www.securityfocus.com/archive/1/525830
http://www.warftp.org/index.php?cmd=show_article&article_id=1035PatchVendor Advisory

FAQ

What is CVE-2013-2278?

CVE-2013-2278 is a vulnerability with a CVSS score of 10.0 (HIGH). Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unkn...

How severe is CVE-2013-2278?

CVE-2013-2278 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-2278?

Check the references section above for vendor advisories and patch information. Affected products include: Jgaa Warftpd.