MidnightBSD

Advisories for washington_university

CVE-1999-0017 HIGH

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.5
ibm aix 4.2
freebsd freebsd 1.2
netbsd netbsd 1.2.1
washington_university wu-ftpd 2.4
sun sunos 4.1.3u1
ibm aix 3.2
netbsd netbsd 1.1
sun sunos 4.1.4
siemens reliant_unix *
gnu inet 6.02
caldera openlinux 1.2
gnu inet 5.01
sun sunos 5.4
freebsd freebsd 1.0
sco openserver 5.0.4
netbsd netbsd 1.0
sun sunos 5.5.1
freebsd freebsd 2.1.0
netbsd netbsd 1.2
sco unixware 2.1
gnu inet 6.01
sco open_desktop 3.0
freebsd freebsd 2.0
ibm aix 4.1
freebsd freebsd 2.1.7
ibm aix 4.3
sun sunos 5.3
freebsd freebsd 1.1
CVE-1999-0075 MEDIUM

PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd *
CVE-1999-0076 MEDIUM

Buffer overflow in wu-ftp from PASV command causes a core dump.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd *
CVE-1999-0080 HIGH

Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4
CVE-1999-0081 MEDIUM

wu-ftp allows files to be overwritten via the rnfr command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd *
CVE-1999-0156 MEDIUM

wu-ftpd FTP daemon allows any user and password combination.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd *
CVE-1999-0368 HIGH

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slackware slackware_linux 3.5
sco unixware 7.0
proftpd_project proftpd 1.2_pre1
sco openserver 5.0.5
sco openserver 5.0
debian debian_linux 2.0
sco openserver 5.0.4
redhat linux 5.1
sco openserver 5.0.3
sco unixware 7.0.1
sco openserver 5.0.2
caldera openlinux 1.3
slackware slackware_linux 3.6
slackware slackware_linux 3.4
redhat linux 5.0
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta18
CVE-1999-0878 HIGH

Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.4.2_beta18_vr11
beroftpd beroftpd 1.3.4
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr14
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.2_beta18_vr5
washington_university wu-ftpd 2.5
beroftpd beroftpd 1.3.2
washington_university wu-ftpd 2.4.2_beta18_vr15
beroftpd beroftpd 1.3.3
washington_university wu-ftpd 2.4.2_beta18_vr9
CVE-1999-0955 HIGH

Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.1
CVE-1999-1326 MEDIUM

wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4
CVE-2000-0574 MEDIUM

FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
openbsd ftpd 5.60
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
openbsd ftpd 5.51
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.4.2_beta18_vr11
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr14
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.2_beta18_vr5
washington_university wu-ftpd 2.5
washington_university wu-ftpd 2.4.2_beta1
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.6
washington_university wu-ftpd 2.4.2_beta18_vr15
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta18
CVE-2001-0187 HIGH

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.4.2_beta18_vr11
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr14
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.4.2_beta9
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.2_beta18_vr5
washington_university wu-ftpd 2.5
washington_university wu-ftpd 2.4.1
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.6
washington_university wu-ftpd 2.4.2_beta18_vr15
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta18
CVE-2001-0550 HIGH

wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.5.0
david_madore ftpd-bsd 0.3.2
washington_university wu-ftpd 2.6.1
david_madore ftpd-bsd 0.3.3
washington_university wu-ftpd 2.6.0
CVE-2001-0935 HIGH

Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.6.1
washington_university wu-ftpd 2.4
washington_university wu-ftpd 2.6.0
CVE-2003-0853 MEDIUM

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
gnu fileutils 4.1.6
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.4.2_beta18_vr11
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.6.2
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.1
washington_university wu-ftpd 2.6.1
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.4.2_beta18_vr15
gnu fileutils 4.0
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta2
gnu fileutils 4.0.36
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.6.0
washington_university wu-ftpd 2.4.2_beta18_vr14
gnu fileutils 4.1
washington_university wu-ftpd 2.5.0
washington_university wu-ftpd 2.4.2_beta18_vr5
gnu fileutils 4.1.7
washington_university wu-ftpd 2.4.2_beta18
CVE-2003-0854 LOW

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
gnu fileutils 4.1.6
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.4.2_beta18_vr11
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.6.2
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.1
washington_university wu-ftpd 2.6.1
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.4.2_beta18_vr15
gnu fileutils 4.0
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta2
gnu fileutils 4.0.36
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.6.0
washington_university wu-ftpd 2.4.2_beta18_vr14
gnu fileutils 4.1
washington_university wu-ftpd 2.5.0
washington_university wu-ftpd 2.4.2_beta18_vr5
gnu fileutils 4.1.7
washington_university wu-ftpd 2.4.2_beta18
CVE-2003-1327 HIGH

Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd *
CVE-2003-1329 HIGH

ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.6.2
CVE-2004-0148 HIGH

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_vr16
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.4.2_vr17
sgi propack 2.3
washington_university wu-ftpd 2.4.2_beta18_vr11
sgi propack 2.4
washington_university wu-ftpd 2.6.0
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr14
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.6.2
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.5.0
washington_university wu-ftpd 2.4.2_beta18_vr5
washington_university wu-ftpd 2.4.1
washington_university wu-ftpd 2.6.1
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.4.2_beta18_vr15
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta2
washington_university wu-ftpd 2.4.2_beta18
CVE-2004-0185 HIGH

Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.6.2
CVE-2005-0256 MEDIUM

The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.6.2
washington_university wu-ftpd 2.6.1