CVE-2000-0573

creationtimestamp| type| source ---|---|--- 2010-11-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16311 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/ftp/wuftpdsiteexecformat.rb 2025-02-06 03:13:37+00:00| see...

WU-FTPD SITE EXEC/INDEX Format String Vulnerability

This module exploits a format string vulnerability in versions of the Washington University FTP server older than 2.6.1. By executing specially crafted SITE EXEC or SITE INDEX commands containing format specifiers, an attacker can corrupt memory and execute arbitrary code. This module requires...

CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...

Immunity Canvas: WUFTPD_SEXEC

Name| wuftpdsexec ---|--- CVE| CVE-2000-0573 Exploit Pack| CANVAS Description| WuFTPD SITE EXEC Formatstring Bug Notes| References: http://www.securityfocus.com/bid/1387 CVE Name: CVE-2000-0573 VENDOR: wuftpd.org Repeatability: Multiple tries Date public: 22-06-2000 CERT Advisory:...

CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...

WU-FTPD site_exec() Function Remote Format String

The version of WU-FTPD hosted on the remote server does not properly sanitize the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access. This script was written by Alexis de Bernis Changes by Tenable: - rely on the banner if we could not log in - changed...