Vulnerability Details CVE-2005-0958
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 89.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://unl0ck.org/files/papers/mtftpd.txt
- http://www.securiteam.com/exploits/5KP0W0AF5K.html
- http://www.securityfocus.com/bid/12947
- http://www.tripbit.org/advisories/TA-040305.txt
- http://unl0ck.org/files/papers/mtftpd.txt
- http://www.securiteam.com/exploits/5KP0W0AF5K.html
- http://www.securityfocus.com/bid/12947
- http://www.tripbit.org/advisories/TA-040305.txt