16 matches found
CVE-1999-0080
Certain configurations of wu-ftp FTP server 2.4 use a PATHEXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command...
EUVD-1999-0080
Malware in sbrugna...
EUVD-1999-0936
Malware in sbrugna...
CVE-1999-0955
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command...
FTP Attack - Successful SITE EXEC Command
Binary data 6217.prm...
Serv-U privilege escalation
With SITE EXEC command from local interface it's possible to execute any command with system privileges...
CVE-2000-0573
Summary (CVE-2000-0573) The vulnerability affects Wu-ftpd prior to 2.6.1, where the lreply/SITE EXEC (and SITE INDEX) path does not sanitize an untrusted format string. This allows remote attackers to execute arbitrary code (reported as root access) by sending crafted SITE EXEC/INDEX commands. Pu...
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)
source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because ...
Format string input validation error in wu-ftpd site_exec() function
Overview A vulnerability involving an input validation error in the "site exec" command has recently been identified in the Washington University ftpd wu-ftpd software package. Sites running affected systems are advised to update their wu-ftpd software as soon as possible. A similar but distinct...
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)
// source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Becau...
WU-FTPD site_exec() Function Remote Format String
The version of WU-FTPD hosted on the remote server does not properly sanitize the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access. This script was written by Alexis de Bernis Changes by Tenable: - rely on the banner if we could not log in - changed...
CVE-1999-0955
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command...
WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)
// source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Becau...
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (1)
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 1 // source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a...
CVE-1999-0080
Certain configurations of wu-ftp FTP server 2.4 use a PATHEXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command...
CVE-1999-0080
CVE-1999-0080 affects wu-ftp FTP server 2.4 where PATH_EXECPATH can point to a directory with dangerous commands (e.g., /bin). This misconfiguration allows remote authenticated users to gain root access via the SITE EXEC command. Remediation: upgrade to Wu-FTPD 2.4 or later or adjust PATH EXECPAT...