Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2005-0256

Published: 02/05/2005 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Wu-ftpd

Vulnerability Summary

The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote malicious users to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.

Vulnerable Product Search on Vulmon Subscribe to Product

washington university wu-ftpd 2.6.1

washington university wu-ftpd 2.6.2

Exploits

Exploit DB: WU-FTPD 2.6.2 - File Globbing Denial of Service
/* * wu-ftpd <= 262 File Globbing DoS * str0ke@milw0rmcom * * Advisory: wwwidefensecom/application/poi/display?id=207&type=vulnerabilities&flashstatus=true * * Adam Zabrocki (pi3 / pi3ki31ny) is credited with this discovery */ #include <sys/typesh> #include <sys/socketh> #include <netinet/inh> ...

References

CWE-119http://www.idefense.com/application/poi/display?id=207&type=vulnerabilitieshttp://www.debian.org/security/2005/dsa-705http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txthttp://secunia.com/advisories/18210http://secunia.com/advisories/14411http://secunia.com/advisories/19561http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1http://www.osvdb.org/14203http://www.vupen.com/english/advisories/2006/1271http://www.vupen.com/english/advisories/2005/0588http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265https://nvd.nist.govhttps://www.exploit-db.com/exploits/842/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook