source: http://www.securityfocus.com/bid/747/info
 
 
WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data passed to MKD first and then to CWD results in the overflow.
 
This vulnerability may be exploited by a remote authenticate attacker to execute arbitrary code in the context of the affected service.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/19570.tgz
源链接

Hacking more

...