CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.038

EPSS Ranking 87.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.debian.org/security/2003/dsa-377
http://www.debian.org/security/2003/dsa-377

Products affected by CVE-1999-0997

Millenux Gmbh » Anonftp » Version: 2.8.1

cpe:2.3:a:millenux_gmbh:anonftp:2.8.1
University Of Washington » Wu-Ftpd » Version: 2.4.2

cpe:2.3:a:university_of_washington:wu-ftpd:2.4.2
University Of Washington » Wu-Ftpd » Version: 2.5.0

cpe:2.3:a:university_of_washington:wu-ftpd:2.5.0
University Of Washington » Wu-Ftpd » Version: 2.6.0

cpe:2.3:a:university_of_washington:wu-ftpd:2.6.0
Redhat » Linux » Version: 5.2

cpe:2.3:o:redhat:linux:5.2
Redhat » Linux » Version: 6.0

cpe:2.3:o:redhat:linux:6.0
Redhat » Linux » Version: 6.1

cpe:2.3:o:redhat:linux:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-1999-0997

Products

Pricing

Contact Us