PT-2000-1507 · Washington University · Wu-Ftpd

Publicado

2000-07-07

Atualizado

2018-05-03

CVE-2000-0573

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions wu-ftpd versions 2.6.0 and earlier

Description The issue arises from the lreply function in wu-ftpd, which fails to properly cleanse an untrusted format string. This allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Recommendations For wu-ftpd versions 2.6.0 and earlier, consider disabling the SITE EXEC command as a temporary workaround until a patch is available. Restrict access to the lreply function to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0573

Produtos afetados

Wu-Ftpd

PT-2000-1507 · Washington University · Wu-Ftpd

CVE-2000-0573

Identificadores relacionados

Produtos afetados

Referências · 23