CVE-1999-0081

wu-ftp allows files to be overwritten via the rnfr command...

CVE-1999-0076

Buffer overflow in wu-ftp from PASV command causes a core dump...

CVE-1999-0080

Certain configurations of wu-ftp FTP server 2.4 use a PATHEXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command...

EUVD-2004-0185

Malware in sbrugna...

EUVD-1999-0081

Malware in sbrugna...

EUVD-1999-0080

Malware in sbrugna...

EUVD-2001-0187

Malware in sbrugna...

EUVD-1999-0076

Malware in sbrugna...

SUSE CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command...

SUSE CVE-2004-0148

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead...

CVE-2001-0187

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...

CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress...

ownCloud: apps.owncloud.com: SSL Server Allows Anonymous Authentication Vulnerability (SMTP)

Domain: https://apps.owncloud.com The Secure Socket Layer SSL protocol allows for secure communication between a client and a server. The client usually authenticates the server using an algorithm like RSA or DSS. Some SSL ciphers allow SSL communication without authentication. Most common Web...

Debian Security Advisory DSA 357-1 (wu-ftpd)

The remote host is missing an update to wu-ftpd announced via advisory DSA 357-1. OpenVAS Vulnerability Test $Id: deb3571.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 357-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

HP-UX PHNE_18377 : HPSBUX9912-106 Security Vulnerability in wu-ftp (rev.2)

s700800 11.00 ftpd1M and ftp1 patch : Multiple vulnerabilities in wu-ftp software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE18377. The text itself is copyright C Hewlett-Packard Development Company,...

HP-UX PHNE_20681 : HPSBUX9912-106 Security Vulnerability in wu-ftp (rev.2)

s700800 11.04 VVOS ftpd1M and ftp1 patch : Multiple vulnerabilities in wu-ftp software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE20681. The text itself is copyright C Hewlett-Packard Development...

CVE-2004-0185

Buffer overflow in the skeychallenge function in ftpd.c for wu-ftp daemon wu-ftpd 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key SKEY request with a long name...

PT-2004-1354 · Washington University · Wu-Ftpd

Name of the Vulnerable Software and Affected Versions: wu-ftpd version 2.6.2 Description: The issue is related to a buffer overflow in the skey challenge function, which can be triggered by a remote attacker sending a s/key request with a long name. This could lead to a denial of service and...

PT-2003-1043 · Washington University · Wu-Ftpd

Name of the Vulnerable Software and Affected Versions: wu-ftpd versions 2.5.0 through 2.6.2 Description: The issue is related to an off-by-one error in the fb realpath function, which may allow attackers to execute arbitrary code. This can be triggered by commands that cause pathnames of length...

CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp...