wu-ftpd 2.6.1 allows remote malicious users to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
david madore ftpd-bsd 0.3.3 |
||
washington university wu-ftpd 2.5.0 |
||
washington university wu-ftpd 2.6.0 |
||
washington university wu-ftpd 2.6.1 |
||
david madore ftpd-bsd 0.3.2 |