Ftpd
Products
2- 18 CVEs
- 2 CVEs
Recent CVEs
19| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0466 | Cri | 0.73 | 9.8 | 0.78 | Aug 27, 2003 | Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow,… | ||
| CVE-2000-0573 | 0.11 | — | 0.96 | Jul 7, 2000 | The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||
| CVE-2001-0550 | 0.09 | — | 0.75 | Nov 30, 2001 | wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | |||
| CVE-1999-0661 | 0.07 | — | 0.54 | Jan 1, 1999 | A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail… | |||
| CVE-1999-0911 | 0.06 | — | 0.38 | Aug 27, 1999 | Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | |||
| CVE-2000-0131 | 0.04 | — | 0.08 | Feb 1, 2000 | Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. | |||
| CVE-1999-0879 | 0.04 | — | 0.10 | Oct 1, 1999 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | |||
| CVE-2005-0256 | 0.03 | — | 0.05 | May 2, 2005 | The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command. | |||
| CVE-2003-0854 | 0.03 | — | 0.01 | Nov 17, 2003 | ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | |||
| CVE-2001-0187 | 0.03 | — | 0.06 | Mar 26, 2001 | Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | |||
| CVE-2004-0185 | 0.01 | — | 0.07 | Mar 15, 2004 | Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name. | |||
| CVE-2008-1668 | 0.00 | — | 0.04 | Aug 13, 2008 | ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain… | |||
| CVE-2006-7094 | 0.00 | — | 0.03 | Mar 2, 2007 | ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack… | |||
| CVE-2003-1329 | 0.00 | — | 0.01 | Dec 31, 2003 | ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | |||
| CVE-2001-0935 | 0.00 | — | 0.01 | Nov 28, 2001 | Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. | |||
| CVE-1999-0880 | 0.00 | — | 0.01 | Oct 1, 1999 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. | |||
| CVE-1999-0878 | 0.00 | — | 0.02 | Aug 22, 1999 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR. | |||
| CVE-1999-1326 | 0.00 | — | 0.02 | Jul 4, 1997 | wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | |||
| CVE-1999-0075 | 0.00 | — | 0.02 | Oct 16, 1996 | PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. |
- risk 0.73cvss 9.8epss 0.78
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow,…
- CVE-2000-0573Jul 7, 2000risk 0.11cvss —epss 0.96
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
- CVE-2001-0550Nov 30, 2001risk 0.09cvss —epss 0.75
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
- CVE-1999-0661Jan 1, 1999risk 0.07cvss —epss 0.54
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail…
- CVE-1999-0911Aug 27, 1999risk 0.06cvss —epss 0.38
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
- CVE-2000-0131Feb 1, 2000risk 0.04cvss —epss 0.08
Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.
- CVE-1999-0879Oct 1, 1999risk 0.04cvss —epss 0.10
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
- CVE-2005-0256May 2, 2005risk 0.03cvss —epss 0.05
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
- CVE-2003-0854Nov 17, 2003risk 0.03cvss —epss 0.01
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
- CVE-2001-0187Mar 26, 2001risk 0.03cvss —epss 0.06
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
- CVE-2004-0185Mar 15, 2004risk 0.01cvss —epss 0.07
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
- CVE-2008-1668Aug 13, 2008risk 0.00cvss —epss 0.04
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain…
- CVE-2006-7094Mar 2, 2007risk 0.00cvss —epss 0.03
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack…
- CVE-2003-1329Dec 31, 2003risk 0.00cvss —epss 0.01
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
- CVE-2001-0935Nov 28, 2001risk 0.00cvss —epss 0.01
Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
- CVE-1999-0880Oct 1, 1999risk 0.00cvss —epss 0.01
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
- CVE-1999-0878Aug 22, 1999risk 0.00cvss —epss 0.02
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
- CVE-1999-1326Jul 4, 1997risk 0.00cvss —epss 0.02
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
- CVE-1999-0075Oct 16, 1996risk 0.00cvss —epss 0.02
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.