4 matches found
Debian DSA-1006-1 : wzdftpd - missing input sanitising
'kcope' discovered that the wzdftpd FTP server lacks input sanitising for the SITE command, which may lead to the execution of arbitrary shell commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 1006-1] New wzdftpd packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1006-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1006-1] New wzdftpd packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1006-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2005 http://www.debian.org/security/faq -...
CVE-2005-3081
CVE-2005-3081 - wzdftpd allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the SITE command due to missing input sanitising in wzdftpd. Public advisories note this as a remote command execution vulnerability. Debian/DSA-1006-1 fixes the issue in the ...