Washington University: >> Wu-Ftpd >> 2.4 Security Vulnerabilities
Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
CVSS Score
7.5
EPSS Score
0.003
Published
2001-11-28
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVSS Score
7.5
EPSS Score
0.011
Published
1997-12-10
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
CVSS Score
5.0
EPSS Score
0.009
Published
1997-07-04
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
CVSS Score
10.0
EPSS Score
0.015
Published
1995-11-30