GEN:SID 1:1728
Message FTP CWD ~ attempt
Summary This event is generated when an attempt is made to exploit a known vulnerability in the ftp server included with version 2.6 of the Sun Solaris operating system.
Impact Serious.
Detailed Information An error in the ftp daemon supplied with version 2.6 of Sun's Solaris operating system can cause the daemon to overflow a buffer and generate a core file that is world readable.

The attacker may also be able to fill the disk partition by generating core files.
Affected Systems Sun Solaris 2.6
Attack Scenarios An attacker can use a non-standard ftp client or initiate a session with the ftp server and issue a CWD ~ command. The attacker may then be able to read the core file and recover usernames and passwords for other users on the system
Ease of Attack Simple
Corrective Action Apply the appropriate vendor supplied patches

Upgrade to the latest non-affected version of the software
Additional References  
Rule References bugtraq: 2601
cve: 2001-0421