Washington University: >> Wu-Ftpd Security Vulnerabilities
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
CVSS Score
5.0
EPSS Score
0.127
Published
2000-07-07
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
CVSS Score
10.0
EPSS Score
0.013
Published
1999-08-22
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVSS Score
10.0
EPSS Score
0.483
Published
1999-02-09
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVSS Score
7.5
EPSS Score
0.011
Published
1997-12-10
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
CVSS Score
7.6
EPSS Score
0.012
Published
1997-09-23
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.009
Published
1997-07-04
Buffer overflow in wu-ftp from PASV command causes a core dump.
CVSS Score
5.0
EPSS Score
0.006
Published
1997-07-01
wu-ftpd FTP daemon allows any user and password combination.
CVSS Score
4.6
EPSS Score
0.001
Published
1997-07-01
wu-ftp allows files to be overwritten via the rnfr command.
CVSS Score
5.0
EPSS Score
0.007
Published
1997-01-11
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
CVSS Score
5.0
EPSS Score
0.007
Published
1996-10-16