Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wu-ftpd vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2003-1327
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and previous versions, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, wh...
Washington University Wu-ftpd
7.8
CVSSv2
CVE-2003-1329
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote malicious users to cause a denial of service.
Washington University Wu-ftpd 2.6.2
7.6
CVSSv2
CVE-1999-0955
Race condition in wu-ftpd and BSDI ftpd allows remote malicious users to gain root access via the SITE EXEC command.
Washington University Wu-ftpd 2.4.1
7.5
CVSSv2
CVE-2001-0550
wu-ftpd 2.6.1 allows remote malicious users to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
David Madore Ftpd-bsd 0.3.3
Washington University Wu-ftpd 2.5.0
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.6.1
David Madore Ftpd-bsd 0.3.2
2 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2001-0935
Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
Washington University Wu-ftpd 2.4
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.6.1
7.5
CVSSv2
CVE-1999-0997
wu-ftp with FTP conversion enabled allows an malicious user to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
Millenux Gmbh Anonftp 2.8.1
University Of Washington Wu-ftpd 2.5.0
University Of Washington Wu-ftpd 2.6.0
University Of Washington Wu-ftpd 2.4.2
Redhat Linux 6.1
Redhat Linux 5.2
Redhat Linux 6.0
1 EDB exploit
7.5
CVSSv2
CVE-1999-0017
FTP servers can allow an malicious user to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
Gnu Inet 5.01
Gnu Inet 6.01
Washington University Wu-ftpd 2.4
Gnu Inet 6.02
Sun Sunos 5.5
Ibm Aix 4.3
Sco Open Desktop 3.0
Sun Sunos 5.3
Caldera Openlinux 1.2
Sun Sunos 4.1.4
Ibm Aix 4.2
Netbsd Netbsd 1.2.1
Freebsd Freebsd 2.1.7
Siemens Reliant Unix
Netbsd Netbsd 1.0
Sun Sunos 5.4
Freebsd Freebsd 1.1
Freebsd Freebsd 1.2
Freebsd Freebsd 2.1.0
Sun Sunos 4.1.3u1
Netbsd Netbsd 1.1
Netbsd Netbsd 1.2
7.5
CVSSv2
CVE-1999-0202
The GNU tar command, when used in FTP sessions, may allow an malicious user to execute arbitrary commands.
University Of Washington Wu-ftpd 2.4.1
7.2
CVSSv2
CVE-2004-0148
wu-ftpd 2.6.2 and previous versions, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Sgi Propack 2.3
Sgi Propack 2.4
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta2
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr13
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.6.2
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.6.0
Washington University Wu-ftpd 2.6.1
Washington University Wu-ftpd 2.4.1
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Vr17
5
CVSSv2
CVE-2005-0256
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote malicious users to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
Washington University Wu-ftpd 2.6.1
Washington University Wu-ftpd 2.6.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »