CVE-2005-0958

2005-04-0305:00:00

mitre

www.cve.org

7.7 High

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.

References

unl0ck.org/files/papers/mtftpd.txt

www.securiteam.com/exploits/5KP0W0AF5K.html

www.securityfocus.com/bid/12947

www.tripbit.org/advisories/TA-040305.txt