Washington University: >> Wu-Ftpd >> 2.5 Security Vulnerabilities
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
CVSS Score
10.0
EPSS Score
0.068
Published
2001-03-26
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
CVSS Score
5.0
EPSS Score
0.127
Published
2000-07-07
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
CVSS Score
10.0
EPSS Score
0.013
Published
1999-08-22