CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2004-0148
https://notcve.org/view.php?id=CVE-2004-0148
15 Apr 2004 — wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. wu-ftpd 2.6.2 y anteriores, con la opción restricted-gid activada, permite a usuarios locales saltarse restricciones de acceso cambiando los permisos para impedir el acceso a su directorio home, lo que hace que wu-ftpd use el directorio raíz en su lugar. • http://marc.info/?l=bugtraq&m=108999466902690&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-1327
https://notcve.org/view.php?id=CVE-2003-1327
31 Dec 2003 — Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. • http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html •
CVSS: 7.8EPSS: 2%CPEs: 26EXPL: 2CVE-2003-0853 – Coreutils 4.5.x - LS Width Argument Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0853
25 Oct 2003 — An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. Un desbordamiento de enteros en ls en los paquetes fileutils o coreutils puede permitir a usuarios locales causar una denegación de servicio o ejecutar código arbitrario mediante un valor -w, lo que podría ser explotado remotamente mediante aplicaciones que usan ls, ... • https://www.exploit-db.com/exploits/23274 •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 1CVE-2003-0854 – WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2003-0854
25 Oct 2003 — ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. ls en los paquetes fileutils o coreutils permite a usuarios locales consumir una gran cantidad de memoria mediante un valor -w, lo que puede ser explotado remotamente mediante aplicaciones que usan ls, com wu-ftpd. • https://www.exploit-db.com/exploits/115 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2001-0935
https://notcve.org/view.php?id=CVE-2001-0935
28 Nov 2001 — Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. • http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html •
CVSS: 10.0EPSS: 6%CPEs: 19EXPL: 2CVE-2001-0187 – WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String
https://notcve.org/view.php?id=CVE-2001-0187
26 Mar 2001 — Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. • https://www.exploit-db.com/exploits/20594 •
CVSS: 9.8EPSS: 12%CPEs: 20EXPL: 1CVE-2000-0574 – OpenBSD - 'ftp' Local Overflow
https://notcve.org/view.php?id=CVE-2000-0574
07 Jul 2000 — FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. • https://www.exploit-db.com/exploits/396 •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 1CVE-1999-0997 – WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion
https://notcve.org/view.php?id=CVE-1999-0997
20 Dec 1999 — wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. • https://www.exploit-db.com/exploits/20563 •
CVSS: 10.0EPSS: 1%CPEs: 17EXPL: 0CVE-1999-0878
https://notcve.org/view.php?id=CVE-1999-0878
22 Aug 1999 — Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR. • http://www.securityfocus.com/bid/599 •
CVSS: 10.0EPSS: 48%CPEs: 17EXPL: 2CVE-1999-0368 – WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0368
09 Feb 1999 — Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. • https://www.exploit-db.com/exploits/19086 •