GEN:SID 1:338
Message FTP EXPLOIT format string
Summary This event is generated when an attack attempt is made against an ftp
server possibly running a vulnerable ftpd
Impact Possible remote execution of commands on the affected server as the root user
Detailed Information The Washington University ftp daemon (wu-ftpd) does not perform proper
checking in its SITE EXEC implementation, and allows user input to be
sent directly to printf. This allows an attacker to overwrite data and
eventually execute code on the server.
Affected Systems Any system running wu-ftpd 2.6 .0 or below
Attack Scenarios A remote attacker will attempt to execute commands on the ftp server
with root user privileges, over writing or modifying system files. This
can be done with anonymous and real user logins.
Ease of Attack Simple, Exploits exist
Corrective Action Upgrade to latest version which has fixes for this problem. Maybe even get rid of wu-ftp with something more secure
Additional References  
Rule References arachnids: 453
bugtraq: 1387
cve: 2000-0573