VYPR

Vendor CVEs

University of Washington

All CVEs

59 total · sorted by risk
  • CVE-1999-0955Sep 23, 1997
    risk 0.00cvss epss 0.03

    Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.

  • CVE-1999-1326Jul 4, 1997
    risk 0.00cvss epss 0.02

    wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.

  • CVE-1999-0156Jul 1, 1997
    risk 0.00cvss epss 0.00

    wu-ftpd FTP daemon allows any user and password combination.

  • CVE-1999-0076Jul 1, 1997
    risk 0.00cvss epss 0.02

    Buffer overflow in wu-ftp from PASV command causes a core dump.

  • CVE-1999-0081Jan 11, 1997
    risk 0.00cvss epss 0.02

    wu-ftp allows files to be overwritten via the rnfr command.

  • CVE-1999-0202Jan 1, 1997
    risk 0.00cvss epss 0.02

    The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.

  • CVE-1999-0075Oct 16, 1996
    risk 0.00cvss epss 0.02

    PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.

  • CVE-1999-1187Aug 26, 1996
    risk 0.00cvss epss 0.00

    Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.

  • CVE-1999-0080Nov 30, 1995
    risk 0.00cvss epss 0.04

    Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.

Page 2 of 2