Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wu\-Ftpd
(Washington_university)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 21 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
1995-11-30 | CVE-1999-0080 | Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. | Wu\-Ftpd | N/A | ||
1997-01-11 | CVE-1999-0081 | wu-ftp allows files to be overwritten via the rnfr command. | Wu\-Ftpd | N/A | ||
1997-07-01 | CVE-1999-0156 | wu-ftpd FTP daemon allows any user and password combination. | Wu\-Ftpd | N/A | ||
1997-07-01 | CVE-1999-0076 | Buffer overflow in wu-ftp from PASV command causes a core dump. | Wu\-Ftpd | N/A | ||
1997-09-23 | CVE-1999-0955 | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | Wu\-Ftpd | N/A | ||
1997-12-10 | CVE-1999-0017 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | Openlinux, Freebsd, Inet, Aix, Netbsd, Open_desktop, Openserver, Unixware, Reliant_unix, Sunos, Wu\-Ftpd | N/A | ||
1999-02-09 | CVE-1999-0368 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | Openlinux, Debian_linux, Proftpd, Linux, Openserver, Unixware, Slackware_linux, Wu\-Ftpd | N/A | ||
2005-05-02 | CVE-2005-0256 | The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command. | Wu\-Ftpd | N/A | ||
2004-04-15 | CVE-2004-0148 | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | Propack, Wu\-Ftpd | N/A | ||
2003-12-31 | CVE-2003-1329 | ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | Wu\-Ftpd | N/A |