Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wu-ftpd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
NA
CVE-2008-1668
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote malicious users to gain priv...
Hp Hp-ux 11.11
NA
CVE-2005-0256
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote malicious users to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
Washington University Wu-ftpd 2.6.1
Washington University Wu-ftpd 2.6.2
1 EDB exploit
NA
CVE-2004-0148
wu-ftpd 2.6.2 and previous versions, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Sgi Propack 2.3
Sgi Propack 2.4
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta2
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr13
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.6.2
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.6.1
Washington University Wu-ftpd 2.4.1
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Vr17
NA
CVE-2004-0185
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
Washington University Wu-ftpd 2.6.2
NA
CVE-2003-1329
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote malicious users to cause a denial of service.
Washington University Wu-ftpd 2.6.2
NA
CVE-2003-1327
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and previous versions, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, wh...
Washington University Wu-ftpd
NA
CVE-2003-0854
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.6.1
Gnu Fileutils 4.1.7
Washington University Wu-ftpd 2.4.1
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.4.2 Vr17
Washington University Wu-ftpd 2.5.0
Gnu Fileutils 4.0
Gnu Fileutils 4.0.36
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.6.2
Gnu Fileutils 4.1
Gnu Fileutils 4.1.6
1 EDB exploit
NA
CVE-2003-0853
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
Gnu Fileutils 4.0
Gnu Fileutils 4.1
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.6.2
Gnu Fileutils 4.1.6
Gnu Fileutils 4.1.7
Washington University Wu-ftpd 2.4.1
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Vr17
Washington University Wu-ftpd 2.5.0
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Gnu Fileutils 4.0.36
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
1 EDB exploit
NA
CVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple...
Proftpd Project Proftpd 1.2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »