WU-FTPD site_exec() Function Remote Format String

The version of WU-FTPD hosted on the remote server does not properly sanitize the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access. This script was written by Alexis de Bernis Changes by Tenable: - rely on the banner if we could not log in - changed...

Удаленный root через WU-FTPD

Классическое переполнение буфера в site exec...

CVE-1999-0561

CVE-1999-0561 affects IIS where the #exec function is enabled for Server Side Include (SSI) files. The root cause is the SSI #exec handling, enabling potential command execution. Affected product: IIS; vulnerability details and exploitation status are not fully provided in the supplied documents....

CVE-1999-0561

IIS has the exec function enabled for Server Side Include SSI files...

CVE-1999-0955

Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command...

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (1)

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 1 // source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a...

WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)

// source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Becau...

CVE-1999-0080

CVE-1999-0080 affects wu-ftp FTP server 2.4 where PATH_EXECPATH can point to a directory with dangerous commands (e.g., /bin). This misconfiguration allows remote authenticated users to gain root access via the SITE EXEC command. Remediation: upgrade to Wu-FTPD 2.4 or later or adjust PATH EXECPAT...

CVE-1999-0080

Certain configurations of wu-ftp FTP server 2.4 use a PATHEXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command...

seagate.backup.exec.vb.txt

Date: Tue, 16 Feb 1999 11:59:30 -0800 From: Jeffrey Monroe To: [email protected] Subject: Backup Exec/McAfee Virus We have found that the Seagate Backup Exec virus scanning software McAfee can delete "non-infected" Visual Basic class files. Anyone creating custom software could fin...

WU-FTPD SITE EXEC Arbitrary Local Command Execution

The remote host is running a version of WU-FTPD that is affected by a command execution vulnerability. It is possible to execute arbitrary command son the remote host using the 'site exec' FTP problem. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10090;...

CVE-1999-0561

IIS has the exec function enabled for Server Side Include SSI files...

CVE-1999-0955

Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command...

PT-1995-1003 · Washington University · Wu-Ftp Ftp Server

Name of the Vulnerable Software and Affected Versions: wu-ftp FTP server version 2.4 Description: The issue concerns certain configurations of the wu-ftp FTP server that use a PATH EXECPATH setting to a directory with dangerous commands, such as /bin. This configuration allows remote authenticate...