1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: UplusFTP CWD Command BO

Attack: UplusFTP CWD Command BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt to exploit a buffer overflow vulnerability in UplusFtp Server which could result in remote code execution or cause a denial-of-service.

Additional Information

UplusFtp is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. The following FTP commands are vulnerable: 'APPE', 'DELE', 'LIST', 'MKD', 'NLST', and 'CWD'.


  • UplusFtp is vulnerable; prior versions, including Easy Ftp Server, may also be affected.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube