Wu-ftpd@2.6.1 Security Vulnerabilities and Issues — Wu-ftpd@2.6.1 CVE List

Lucene search

Washington UniversityWu-ftpd2.6.1

6 matches found

CVE•added 2005/05/02 4:0 a.m.•124 views

CVE-2005-0256

The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.

5CVSS6.2AI score0.24365EPSS

CVE•added 2002/06/25 4:0 a.m.•96 views

CVE-2001-0550

wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).

7.5CVSS9.7AI score0.73511EPSS

CVE•added 2004/09/01 4:0 a.m.•63 views

CVE-2004-0148

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

7.2CVSS8.8AI score0.00033EPSS

CVE•added 2003/11/17 5:0 a.m.•57 views

CVE-2003-0854

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.

2.1CVSS5.8AI score0.00234EPSS

CVE•added 2002/02/02 5:0 a.m.•50 views

CVE-2001-0935

Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.

7.5CVSS6.5AI score0.73511EPSS

CVE•added 2003/11/17 5:0 a.m.•45 views

CVE-2003-0853

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.

5CVSS7.3AI score0.02438EPSS