Lucene search
HistoryDec 20, 1999 - 5:00 a.m.
CVE-1999-0997
cve-1999-0997
wu-ftp
ftp conversion
command execution vulnerability
nvd
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.125 Low
EPSS
Percentile
95.4%
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
References
Related
openvas
openvas
Slackware Advisory SSA:2003-259-03 WU-FTPD Security Advisory
2012-09-11 00:00:00
Debian Security Advisory DSA 377-1 (wu-ftpd)
2008-01-17 00:00:00
Debian Security Advisory DSA 377-1 (wu-ftpd)
2008-01-17 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-377-1] New wu-ftpd packages fix insecure program execution
2003-09-06 00:00:00
osv
osv
wu-ftpd - insecure program execution
2003-09-04 00:00:00
redhatcve
redhatcve
CVE-1999-0997
2015-10-30 09:22:06
slackware
slackware
WU-FTPD Security Advisory
2003-09-23 23:07:06
debian
debian
[SECURITY] [DSA-377-1] New wu-ftpd packages fix insecure program execution
2003-09-04 00:00:00
nessus
nessus
Debian DSA-377-1 : wu-ftpd - insecure program execution
2004-09-29 00:00:00
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.125 Low
EPSS
Percentile
95.4%
Related for CVE-1999-0997