FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.5 |
| ibm | aix | 4.2 |
| freebsd | freebsd | 1.2 |
| netbsd | netbsd | 1.2.1 |
| washington_university | wu-ftpd | 2.4 |
| sun | sunos | 4.1.3u1 |
| ibm | aix | 3.2 |
| netbsd | netbsd | 1.1 |
| sun | sunos | 4.1.4 |
| siemens | reliant_unix | * |
| gnu | inet | 6.02 |
| caldera | openlinux | 1.2 |
| gnu | inet | 5.01 |
| sun | sunos | 5.4 |
| freebsd | freebsd | 1.0 |
| sco | openserver | 5.0.4 |
| netbsd | netbsd | 1.0 |
| sun | sunos | 5.5.1 |
| freebsd | freebsd | 2.1.0 |
| netbsd | netbsd | 1.2 |
| sco | unixware | 2.1 |
| gnu | inet | 6.01 |
| sco | open_desktop | 3.0 |
| freebsd | freebsd | 2.0 |
| ibm | aix | 4.1 |
| freebsd | freebsd | 2.1.7 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| freebsd | freebsd | 1.1 |
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | * |
Buffer overflow in wu-ftp from PASV command causes a core dump.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | * |
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4 |
wu-ftp allows files to be overwritten via the rnfr command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | * |
wu-ftpd FTP daemon allows any user and password combination.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | * |
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| slackware | slackware_linux | 3.5 |
| sco | unixware | 7.0 |
| proftpd_project | proftpd | 1.2_pre1 |
| sco | openserver | 5.0.5 |
| sco | openserver | 5.0 |
| debian | debian_linux | 2.0 |
| sco | openserver | 5.0.4 |
| redhat | linux | 5.1 |
| sco | openserver | 5.0.3 |
| sco | unixware | 7.0.1 |
| sco | openserver | 5.0.2 |
| caldera | openlinux | 1.3 |
| slackware | slackware_linux | 3.6 |
| slackware | slackware_linux | 3.4 |
| redhat | linux | 5.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| beroftpd | beroftpd | 1.3.4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| washington_university | wu-ftpd | 2.5 |
| beroftpd | beroftpd | 1.3.2 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| beroftpd | beroftpd | 1.3.3 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.1 |
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4 |
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| openbsd | ftpd | 5.60 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| openbsd | ftpd | 5.51 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| washington_university | wu-ftpd | 2.5 |
| washington_university | wu-ftpd | 2.4.2_beta1 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr7 |
| washington_university | wu-ftpd | 2.6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.4.2_beta9 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| washington_university | wu-ftpd | 2.5 |
| washington_university | wu-ftpd | 2.4.1 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr7 |
| washington_university | wu-ftpd | 2.6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.5.0 |
| david_madore | ftpd-bsd | 0.3.2 |
| washington_university | wu-ftpd | 2.6.1 |
| david_madore | ftpd-bsd | 0.3.3 |
| washington_university | wu-ftpd | 2.6.0 |
Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.6.1 |
| washington_university | wu-ftpd | 2.4 |
| washington_university | wu-ftpd | 2.6.0 |
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| gnu | fileutils | 4.1.6 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.6.2 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.4.1 |
| washington_university | wu-ftpd | 2.6.1 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr7 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| gnu | fileutils | 4.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta2 |
| gnu | fileutils | 4.0.36 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.6.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| gnu | fileutils | 4.1 |
| washington_university | wu-ftpd | 2.5.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| gnu | fileutils | 4.1.7 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| gnu | fileutils | 4.1.6 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.6.2 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.4.1 |
| washington_university | wu-ftpd | 2.6.1 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr7 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| gnu | fileutils | 4.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta2 |
| gnu | fileutils | 4.0.36 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.6.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| gnu | fileutils | 4.1 |
| washington_university | wu-ftpd | 2.5.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| gnu | fileutils | 4.1.7 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | * |
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.6.2 |
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.4.2_vr16 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr4 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr6 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr13 |
| washington_university | wu-ftpd | 2.4.2_vr17 |
| sgi | propack | 2.3 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr11 |
| sgi | propack | 2.4 |
| washington_university | wu-ftpd | 2.6.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr10 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr14 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr8 |
| washington_university | wu-ftpd | 2.6.2 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr12 |
| washington_university | wu-ftpd | 2.5.0 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr5 |
| washington_university | wu-ftpd | 2.4.1 |
| washington_university | wu-ftpd | 2.6.1 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr7 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr15 |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 |
| washington_university | wu-ftpd | 2.4.2_beta2 |
| washington_university | wu-ftpd | 2.4.2_beta18 |
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.6.2 |
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| washington_university | wu-ftpd | 2.6.2 |
| washington_university | wu-ftpd | 2.6.1 |