Unrated severityNVD Advisory· Published Apr 15, 2004· Updated Apr 16, 2026
CVE-2004-0148
CVE-2004-0148
Description
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Affected products
23cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:academ:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr10:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr11:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr12:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr13:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr14:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr15:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr6:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr7:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr8:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta2:*:academ:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr16:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr17:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:washington_university:wu-ftpd:2.6.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- www.debian.org/security/2004/dsa-457nvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2004-096.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/9832nvdPatchVendor Advisory
- marc.infonvd
- secunia.com/advisories/11055nvd
- secunia.com/advisories/20168nvd
- sunsolve.sun.com/search/document.donvd
- www.frsirt.com/english/advisories/2006/1867nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15423nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648nvd
News mentions
0No linked articles in our index yet.