GEN:SID 1:1864
Message FTP SITE NEWER attempt
Summary This event is generated when an attempt is made to enter the "SITE
NEWER" command on an FTP server.
Impact Denial of Service. Possible execution of arbitrary code is possible.
Detailed Information When issued the "SITE NEWER" command, some versions of wu-ftpd can
consume excessive ammounts of memory whichthen can effectively act as a
denial of service to the entire system. If a user can create files on
the system, it may be possible to execute code as the user running the
ftpd daemon, typically root.
Affected Systems wu-ftpd versions prior to and including 2.4.2.
Attack Scenarios An attacker might be trying to DoS the system, and it could lead to
arbitrary code execution with root privileges.
Ease of Attack Medium
Corrective Action Upgrade the wu-ftpd service
Additional References Nessus:
http://cgi.nessus.org/plugins/dump.php3?id=10319

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0880
Rule References cve: 1999-0880
nessus: 10319