Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wu\-Ftpd
(Washington_university)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-03-15 | CVE-2004-0185 | Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name. | Wu\-Ftpd | N/A | ||
| 1995-11-30 | CVE-1999-0080 | Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. | Wu\-Ftpd | N/A | ||
| 1997-01-11 | CVE-1999-0081 | wu-ftp allows files to be overwritten via the rnfr command. | Wu\-Ftpd | N/A | ||
| 1997-07-01 | CVE-1999-0156 | wu-ftpd FTP daemon allows any user and password combination. | Wu\-Ftpd | N/A | ||
| 1997-07-01 | CVE-1999-0076 | Buffer overflow in wu-ftp from PASV command causes a core dump. | Wu\-Ftpd | N/A | ||
| 1997-09-23 | CVE-1999-0955 | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | Wu\-Ftpd | N/A | ||
| 1997-12-10 | CVE-1999-0017 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | Openlinux, Freebsd, Inet, Aix, Netbsd, Open_desktop, Openserver, Unixware, Reliant_unix, Sunos, Wu\-Ftpd | N/A | ||
| 1999-02-09 | CVE-1999-0368 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | Openlinux, Debian_linux, Proftpd, Linux, Openserver, Unixware, Slackware_linux, Wu\-Ftpd | N/A | ||
| 2005-05-02 | CVE-2005-0256 | The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command. | Wu\-Ftpd | N/A | ||
| 2004-04-15 | CVE-2004-0148 | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | Propack, Wu\-Ftpd | N/A |