The lreply function in wu-ftpd 2.6.0 and previous versions does not properly cleanse an untrusted format string, which allows remote malicious users to execute arbitrary commands via the SITE EXEC command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp hp-ux 11.00 |