GEN:SID 1:2272
Message FTP LIST integer overflow attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in Coreutils LS.
Impact Denial of Service, possible arbitrary code execution.
Detailed Information The Coreutils ls command contains an integer overflow vulnerability
which may present an attacker with an exploitation opportunity in
software that uses this command. By supplying a large amount of data to
the ls command in the form of the width variable, an attacker may cause
a DoS to occur. It may also be possible to execute arbitrary code as the
application becomes unstable.
Affected Systems Coreutils LS
Attack Scenarios The attacker needs to supply a large amount of data in the width
variable to the ls command.
Ease of Attack Simple. No exploit software required although automated scripts do exist.
Corrective Action Apply the appropriate vendor supplied patches

Upgrade the software to the latest non-affected version.
Additional References  
Rule References bugtraq: 8875
cve: 2003-0853
cve: 2003-0854