CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2004-0148
https://notcve.org/view.php?id=CVE-2004-0148
15 Apr 2004 — wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. wu-ftpd 2.6.2 y anteriores, con la opción restricted-gid activada, permite a usuarios locales saltarse restricciones de acceso cambiando los permisos para impedir el acceso a su directorio home, lo que hace que wu-ftpd use el directorio raíz en su lugar. • http://marc.info/?l=bugtraq&m=108999466902690&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-1327
https://notcve.org/view.php?id=CVE-2003-1327
31 Dec 2003 — Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. • http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2001-0935
https://notcve.org/view.php?id=CVE-2001-0935
28 Nov 2001 — Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. • http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html •
CVSS: 9.1EPSS: 1%CPEs: 32EXPL: 0CVE-1999-0017
https://notcve.org/view.php?id=CVE-1999-0017
10 Dec 1997 — FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1326
https://notcve.org/view.php?id=CVE-1999-1326
04 Jul 1997 — wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. • http://marc.info/?l=bugtraq&m=87602167420401&w=2 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-1999-0080
https://notcve.org/view.php?id=CVE-1999-0080
30 Nov 1995 — Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. • https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html •