Page 2 of 23 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 2

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. Un desbordamiento de enteros en ls en los paquetes fileutils o coreutils puede permitir a usuarios locales causar una denegación de servicio o ejecutar código arbitrario mediante un valor -w, lo que podría ser explotado remotamente mediante aplicaciones que usan ls, como wu-ftpd. • https://www.exploit-db.com/exploits/23274 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.guninski.com/binls.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:106 ht •

CVSS: 2.1EPSS: 0%CPEs: 26EXPL: 1

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. ls en los paquetes fileutils o coreutils permite a usuarios locales consumir una gran cantidad de memoria mediante un valor -w, lo que puede ser explotado remotamente mediante aplicaciones que usan ls, com wu-ftpd. • https://www.exploit-db.com/exploits/115 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000768 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html http://secunia.com/advisories/10126 http://secunia.com/advisories/17069 http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf http://www.debian.org/security/2005/dsa-705 http://www.guninski.com/binls.html http://www.ma •

CVSS: 7.5EPSS: 96%CPEs: 5EXPL: 3

wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). • https://www.exploit-db.com/exploits/348 https://www.exploit-db.com/exploits/21161 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000442 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01 http://marc.info/?l=bugtraq&m=100700363414799&w=2 http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt http://www.cert.org/advisories/CA-2001-33.html http://www.debian.org/security/2001/dsa-087 http://www.kb.cert.org/vuls/ •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. • http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html •

CVSS: 10.0EPSS: 3%CPEs: 19EXPL: 2

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. • https://www.exploit-db.com/exploits/20594 ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000443 http://www.debian.org/security/2001/dsa-016 http://www.securityfocus.com/bid/2296 https://exchange.xforce.ibmcloud.com/vulnerabilities/6020 •