Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wu\-Ftpd
(Washington_university)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-12-31 | CVE-2003-1327 | Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. | Wu\-Ftpd | N/A | ||
| 2003-11-17 | CVE-2003-0854 | ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | Fileutils, Wu\-Ftpd | N/A | ||
| 2003-11-17 | CVE-2003-0853 | An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | Fileutils, Wu\-Ftpd | N/A | ||
| 2001-11-28 | CVE-2001-0935 | Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. | Wu\-Ftpd | N/A | ||
| 2001-11-30 | CVE-2001-0550 | wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | Ftpd\-Bsd, Wu\-Ftpd | N/A | ||
| 2001-03-26 | CVE-2001-0187 | Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | Wu\-Ftpd | N/A | ||
| 2000-07-07 | CVE-2000-0574 | FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | Ftpd, Wu\-Ftpd | N/A | ||
| 1997-07-04 | CVE-1999-1326 | wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | Wu\-Ftpd | N/A | ||
| 1999-08-22 | CVE-1999-0878 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR. | Beroftpd, Wu\-Ftpd | N/A | ||
| 1996-10-16 | CVE-1999-0075 | PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. | Wu\-Ftpd | N/A |