GEN:SID 1:2340
Message FTP SITE CHMOD overflow attempt
Summary This event is generated when an attempt is made to exploit a buffer
overflow vulnerability associated with RhinoSoft Serv-u FTP Server CHMOD
command.
Impact Remote access.  A successful attack may permit the remote execution of
arbitrary commands with system privileges.
Detailed Information Serv-u offers FTP servers for Windows hosts. A vulnerability exists
with the CHMOD command that can cause a buffer overflow and permit the
execution of arbitrary commands with system privileges. The buffer
overflow can be caused by supplying an overly long argument to the CHMOD
command.
Affected Systems RhinoSoft Serv-u FTP Server prior to version 4.2
Attack Scenarios An attacker can supply an overly long file argument with the CHMOD
command, causing a buffer overflow.
Ease of Attack Simple.  
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References bugtraq: 10181
bugtraq: 9483
bugtraq: 9675
cve: 1999-0838
nessus: 12037