Search

Find a vulnerability

Search criteria

    42 vulnerabilities by washington_university

    CVE-2003-1329 (GCVE-0-2003-1329)

    Vulnerability from cvelistv5 – Published: 2007-05-21 20:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/34670 vdb-entryx_refsource_OSVDB
    ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_t… x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:02.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34670",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34670"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ftpd.c in wu-ftpd 2.6.2, when running on \"operating systems that only allow one non-connected socket bound to the same local address,\" does not close failed connections, which allows remote attackers to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-21T20:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "34670",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34670"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1329",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ftpd.c in wu-ftpd 2.6.2, when running on \"operating systems that only allow one non-connected socket bound to the same local address,\" does not close failed connections, which allows remote attackers to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34670",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34670"
                },
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1329",
        "datePublished": "2007-05-21T20:00:00.000Z",
        "dateReserved": "2007-05-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:39.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1327 (GCVE-0-2003-1327)

    Vulnerability from cvelistv5 – Published: 2007-05-15 10:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://securitytracker.com/id?1007775 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/8668 vdb-entryx_refsource_BID
    http://secunia.com/advisories/9835 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/2594 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:01.704Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "wuftp-mailadmin-sockprintf-bo(13269)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
              },
              {
                "name": "SSA:2003-259-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
              },
              {
                "name": "1007775",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1007775"
              },
              {
                "name": "8668",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8668"
              },
              {
                "name": "9835",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/9835"
              },
              {
                "name": "2594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/2594"
              },
              {
                "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "wuftp-mailadmin-sockprintf-bo(13269)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
            },
            {
              "name": "SSA:2003-259-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
            },
            {
              "name": "1007775",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1007775"
            },
            {
              "name": "8668",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8668"
            },
            {
              "name": "9835",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/9835"
            },
            {
              "name": "2594",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/2594"
            },
            {
              "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "wuftp-mailadmin-sockprintf-bo(13269)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
                },
                {
                  "name": "SSA:2003-259-03",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
                },
                {
                  "name": "1007775",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1007775"
                },
                {
                  "name": "8668",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8668"
                },
                {
                  "name": "9835",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/9835"
                },
                {
                  "name": "2594",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/2594"
                },
                {
                  "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1327",
        "datePublished": "2007-05-15T10:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:01.704Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0256 (GCVE-0-2005-0256)

    Vulnerability from cvelistv5 – Published: 2005-02-25 05:00 – Updated: 2024-08-07 21:05
    VLAI
    Summary
    The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/18210 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.vupen.com/english/advisories/2006/1271 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2005/0588 vdb-entryx_refsource_VUPEN
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/14411 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://itrc.hp.com/service/cki/docDisplay.do?docI… vendor-advisoryx_refsource_HP
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://secunia.com/advisories/19561 third-party-advisoryx_refsource_SECUNIA
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.osvdb.org/14203 vdb-entryx_refsource_OSVDB
    Date Public
    2005-02-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:05:25.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "18210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18210"
              },
              {
                "name": "oval:org.mitre.oval:def:1762",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
              },
              {
                "name": "ADV-2006-1271",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1271"
              },
              {
                "name": "ADV-2005-0588",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/0588"
              },
              {
                "name": "57795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
              },
              {
                "name": "14411",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14411"
              },
              {
                "name": "oval:org.mitre.oval:def:1265",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
              },
              {
                "name": "HPSBUX02110",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
              },
              {
                "name": "101699",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
              },
              {
                "name": "SCOSA-2005.63",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
              },
              {
                "name": "19561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19561"
              },
              {
                "name": "SSRT061110",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
              },
              {
                "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
              },
              {
                "name": "oval:org.mitre.oval:def:1333",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
              },
              {
                "name": "14203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/14203"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-02-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "18210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18210"
            },
            {
              "name": "oval:org.mitre.oval:def:1762",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
            },
            {
              "name": "ADV-2006-1271",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1271"
            },
            {
              "name": "ADV-2005-0588",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/0588"
            },
            {
              "name": "57795",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
            },
            {
              "name": "14411",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14411"
            },
            {
              "name": "oval:org.mitre.oval:def:1265",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
            },
            {
              "name": "HPSBUX02110",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
            },
            {
              "name": "101699",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
            },
            {
              "name": "SCOSA-2005.63",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
            },
            {
              "name": "19561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19561"
            },
            {
              "name": "SSRT061110",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
            },
            {
              "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
            },
            {
              "name": "oval:org.mitre.oval:def:1333",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
            },
            {
              "name": "14203",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/14203"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "18210",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18210"
                },
                {
                  "name": "oval:org.mitre.oval:def:1762",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
                },
                {
                  "name": "ADV-2006-1271",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1271"
                },
                {
                  "name": "ADV-2005-0588",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/0588"
                },
                {
                  "name": "57795",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
                },
                {
                  "name": "14411",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14411"
                },
                {
                  "name": "oval:org.mitre.oval:def:1265",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
                },
                {
                  "name": "HPSBUX02110",
                  "refsource": "HP",
                  "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
                },
                {
                  "name": "101699",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
                },
                {
                  "name": "SCOSA-2005.63",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
                },
                {
                  "name": "19561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19561"
                },
                {
                  "name": "SSRT061110",
                  "refsource": "HP",
                  "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
                },
                {
                  "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
                },
                {
                  "name": "oval:org.mitre.oval:def:1333",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
                },
                {
                  "name": "14203",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/14203"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0256",
        "datePublished": "2005-02-25T05:00:00.000Z",
        "dateReserved": "2005-02-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:05:25.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0185 (GCVE-0-2004-0185)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2004-02-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.791Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
              },
              {
                "name": "8893",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8893"
              },
              {
                "name": "DSA-457",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-457"
              },
              {
                "name": "wuftpd-skey-bo(13518)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
              },
              {
                "name": "RHSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
            },
            {
              "name": "8893",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8893"
            },
            {
              "name": "DSA-457",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-457"
            },
            {
              "name": "wuftpd-skey-bo(13518)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
            },
            {
              "name": "RHSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0185",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
                },
                {
                  "name": "8893",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8893"
                },
                {
                  "name": "DSA-457",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-457"
                },
                {
                  "name": "wuftpd-skey-bo(13518)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
                },
                {
                  "name": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html",
                  "refsource": "MISC",
                  "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
                },
                {
                  "name": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt",
                  "refsource": "MISC",
                  "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
                },
                {
                  "name": "RHSA-2004:096",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0185",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0148 (GCVE-0-2004-0148)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.debian.org/security/2004/dsa-457 vendor-advisoryx_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/11055 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20168 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108999466902690&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/9832 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-096.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.frsirt.com/english/advisories/2006/1867 third-party-advisoryx_refsource_FRSIRT
    Date Public
    2004-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "wuftpd-restrictedgid-gain-access(15423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
              },
              {
                "name": "oval:org.mitre.oval:def:1637",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
              },
              {
                "name": "102356",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
              },
              {
                "name": "DSA-457",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-457"
              },
              {
                "name": "oval:org.mitre.oval:def:1147",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
              },
              {
                "name": "11055",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11055"
              },
              {
                "name": "20168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20168"
              },
              {
                "name": "SSRT4704",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
              },
              {
                "name": "9832",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9832"
              },
              {
                "name": "oval:org.mitre.oval:def:648",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
              },
              {
                "name": "RHSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
              },
              {
                "name": "oval:org.mitre.oval:def:1636",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
              },
              {
                "name": "ADV-2006-1867",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_FRSIRT",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/advisories/2006/1867"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-05-22T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "wuftpd-restrictedgid-gain-access(15423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
            },
            {
              "name": "oval:org.mitre.oval:def:1637",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
            },
            {
              "name": "102356",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
            },
            {
              "name": "DSA-457",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-457"
            },
            {
              "name": "oval:org.mitre.oval:def:1147",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
            },
            {
              "name": "11055",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11055"
            },
            {
              "name": "20168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20168"
            },
            {
              "name": "SSRT4704",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
            },
            {
              "name": "9832",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9832"
            },
            {
              "name": "oval:org.mitre.oval:def:648",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
            },
            {
              "name": "RHSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1636",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
            },
            {
              "name": "ADV-2006-1867",
              "tags": [
                "third-party-advisory",
                "x_refsource_FRSIRT"
              ],
              "url": "http://www.frsirt.com/english/advisories/2006/1867"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0148",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "wuftpd-restrictedgid-gain-access(15423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
                },
                {
                  "name": "oval:org.mitre.oval:def:1637",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
                },
                {
                  "name": "102356",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
                },
                {
                  "name": "DSA-457",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-457"
                },
                {
                  "name": "oval:org.mitre.oval:def:1147",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
                },
                {
                  "name": "11055",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11055"
                },
                {
                  "name": "20168",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20168"
                },
                {
                  "name": "SSRT4704",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
                },
                {
                  "name": "9832",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9832"
                },
                {
                  "name": "oval:org.mitre.oval:def:648",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
                },
                {
                  "name": "RHSA-2004:096",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:1636",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
                },
                {
                  "name": "ADV-2006-1867",
                  "refsource": "FRSIRT",
                  "url": "http://www.frsirt.com/english/advisories/2006/1867"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0148",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0853 (GCVE-0-2003-0853)

    Vulnerability from cvelistv5 – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/8875 vdb-entryx_refsource_BID
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.707Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "8875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8875"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-10-28T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "8875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8875"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0853",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "8875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8875"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0853",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0854 (GCVE-0-2003-0854)

    Vulnerability from cvelistv5 – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/115 exploitx_refsource_EXPLOIT-DB
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.585Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "115",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/115"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "115",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/115"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0854",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "115",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/115"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0854",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0550 (GCVE-0-2001-0550)

    Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:21
    VLAI
    Summary
    wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://marc.info/?l=bugtraq&m=100700363414799&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2001-33.html third-party-advisoryx_refsource_CERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.linux-mandrake.com/en/security/2001/MD… vendor-advisoryx_refsource_MANDRAKE
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www1.itrc.hp.com/service/cki/docDisplay.do… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/archive/82/180823 mailing-listx_refsource_VULN-DEV
    http://www.caldera.com/support/security/advisorie… vendor-advisoryx_refsource_CALDERA
    http://www.debian.org/security/2001/dsa-087 vendor-advisoryx_refsource_DEBIAN
    http://download.immunix.org/ImmunixOS/7.0/updates… vendor-advisoryx_refsource_IMMUNIX
    http://www.redhat.com/support/errata/RHSA-2001-157.html vendor-advisoryx_refsource_REDHAT
    http://www.kb.cert.org/vuls/id/886083 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/3581 vdb-entryx_refsource_BID
    Date Public
    2001-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:21:38.519Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SuSE-SA:2001:043",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
              },
              {
                "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
              },
              {
                "name": "CA-2001-33",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2001-33.html"
              },
              {
                "name": "wuftp-glob-heap-corruption(7611)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
              },
              {
                "name": "MDKSA-2001:090",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
              },
              {
                "name": "CLA-2001:442",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
              },
              {
                "name": "HPSBUX0107-162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
              },
              {
                "name": "20010430 some ftpd implementations mishandle CWD ~{",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULN-DEV",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/82/180823"
              },
              {
                "name": "CSSA-2001-041.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
              },
              {
                "name": "DSA-087",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2001/dsa-087"
              },
              {
                "name": "IMNX-2001-70-036-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
              },
              {
                "name": "RHSA-2001:157",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
              },
              {
                "name": "VU#886083",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/886083"
              },
              {
                "name": "3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3581"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a \"~{\" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-06-16T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SuSE-SA:2001:043",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
            },
            {
              "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
            },
            {
              "name": "CA-2001-33",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2001-33.html"
            },
            {
              "name": "wuftp-glob-heap-corruption(7611)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
            },
            {
              "name": "MDKSA-2001:090",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
            },
            {
              "name": "CLA-2001:442",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
            },
            {
              "name": "HPSBUX0107-162",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
            },
            {
              "name": "20010430 some ftpd implementations mishandle CWD ~{",
              "tags": [
                "mailing-list",
                "x_refsource_VULN-DEV"
              ],
              "url": "http://www.securityfocus.com/archive/82/180823"
            },
            {
              "name": "CSSA-2001-041.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
            },
            {
              "name": "DSA-087",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2001/dsa-087"
            },
            {
              "name": "IMNX-2001-70-036-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
            },
            {
              "name": "RHSA-2001:157",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
            },
            {
              "name": "VU#886083",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/886083"
            },
            {
              "name": "3581",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3581"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0550",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a \"~{\" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SuSE-SA:2001:043",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
                },
                {
                  "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
                },
                {
                  "name": "CA-2001-33",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2001-33.html"
                },
                {
                  "name": "wuftp-glob-heap-corruption(7611)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
                },
                {
                  "name": "MDKSA-2001:090",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
                },
                {
                  "name": "CLA-2001:442",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
                },
                {
                  "name": "HPSBUX0107-162",
                  "refsource": "HP",
                  "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
                },
                {
                  "name": "20010430 some ftpd implementations mishandle CWD ~{",
                  "refsource": "VULN-DEV",
                  "url": "http://www.securityfocus.com/archive/82/180823"
                },
                {
                  "name": "CSSA-2001-041.0",
                  "refsource": "CALDERA",
                  "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
                },
                {
                  "name": "DSA-087",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2001/dsa-087"
                },
                {
                  "name": "IMNX-2001-70-036-01",
                  "refsource": "IMMUNIX",
                  "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
                },
                {
                  "name": "RHSA-2001:157",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
                },
                {
                  "name": "VU#886083",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/886083"
                },
                {
                  "name": "3581",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3581"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0550",
        "datePublished": "2002-06-25T04:00:00.000Z",
        "dateReserved": "2001-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:21:38.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-1326 (GCVE-0-1999-1326)

    Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-01 17:11
    VLAI
    Summary
    wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=87602167420408&w=2 mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=87602167420401&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    1997-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T17:11:02.943Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "wuftpd-abor-gain-privileges(7169)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7169"
              },
              {
                "name": "19970105 BoS:  serious security bug in wu-ftpd v2.4 -- PATCH",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=87602167420408\u0026w=2"
              },
              {
                "name": "19970104 serious security bug in wu-ftpd v2.4",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=87602167420401\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "1997-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-02-20T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "wuftpd-abor-gain-privileges(7169)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7169"
            },
            {
              "name": "19970105 BoS:  serious security bug in wu-ftpd v2.4 -- PATCH",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=87602167420408\u0026w=2"
            },
            {
              "name": "19970104 serious security bug in wu-ftpd v2.4",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=87602167420401\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-1326",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "wuftpd-abor-gain-privileges(7169)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7169"
                },
                {
                  "name": "19970105 BoS:  serious security bug in wu-ftpd v2.4 -- PATCH",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=87602167420408\u0026w=2"
                },
                {
                  "name": "19970104 serious security bug in wu-ftpd v2.4",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=87602167420401\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-1326",
        "datePublished": "2002-03-09T05:00:00.000Z",
        "dateReserved": "2001-08-31T00:00:00.000Z",
        "dateUpdated": "2024-08-01T17:11:02.943Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0935 (GCVE-0-2001-0935)

    Vulnerability from cvelistv5 – Published: 2002-02-02 05:00 – Updated: 2024-08-08 04:37
    VLAI
    Summary
    Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2001-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:37:07.294Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SuSE-SA:2001:043",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-02-06T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SuSE-SA:2001:043",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0935",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SuSE-SA:2001:043",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0935",
        "datePublished": "2002-02-02T05:00:00.000Z",
        "dateReserved": "2002-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:37:07.294Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0187 (GCVE-0-2001-0187)

    Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:14
    VLAI
    Summary
    Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:14:06.536Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2001/dsa-016"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
              },
              {
                "name": "wuftp-debug-format-string(6020)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
              },
              {
                "name": "2296",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2296"
              },
              {
                "name": "CLA-2001:443",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-016",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2001/dsa-016"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
            },
            {
              "name": "wuftp-debug-format-string(6020)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
            },
            {
              "name": "2296",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2296"
            },
            {
              "name": "CLA-2001:443",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0187",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-016",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2001/dsa-016"
                },
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
                },
                {
                  "name": "wuftp-debug-format-string(6020)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
                },
                {
                  "name": "2296",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2296"
                },
                {
                  "name": "CLA-2001:443",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0187",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "2001-03-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:14:06.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0574 (GCVE-0-2000-0574)

    Vulnerability from cvelistv5 – Published: 2000-07-19 04:00 – Updated: 2024-08-08 05:21
    VLAI
    Summary
    FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1425 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1438 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/adv… vendor-advisoryx_refsource_NETBSD
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2000-13.html third-party-advisoryx_refsource_CERT
    Date Public
    2000-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:21:31.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1425"
              },
              {
                "name": "20000710 opieftpd setproctitle() patches",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
              },
              {
                "name": "1438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1438"
              },
              {
                "name": "20000706 ftpd and setproctitle()",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
              },
              {
                "name": "NetBSD-SA2000-009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
              },
              {
                "name": "20000705 proftp advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
              },
              {
                "name": "CA-2000-13",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2000-13.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1425",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1425"
            },
            {
              "name": "20000710 opieftpd setproctitle() patches",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
            },
            {
              "name": "1438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1438"
            },
            {
              "name": "20000706 ftpd and setproctitle()",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
            },
            {
              "name": "NetBSD-SA2000-009",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
            },
            {
              "name": "20000705 proftp advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
            },
            {
              "name": "CA-2000-13",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2000-13.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1425",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1425"
                },
                {
                  "name": "20000710 opieftpd setproctitle() patches",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
                },
                {
                  "name": "1438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1438"
                },
                {
                  "name": "20000706 ftpd and setproctitle()",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
                },
                {
                  "name": "NetBSD-SA2000-009",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
                },
                {
                  "name": "20000705 proftp advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
                },
                {
                  "name": "CA-2000-13",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2000-13.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0574",
        "datePublished": "2000-07-19T04:00:00.000Z",
        "dateReserved": "2000-07-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:21:31.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0076 (GCVE-0-1999-0076)

    Vulnerability from cvelistv5 – Published: 2000-02-04 05:00 – Updated: 2024-08-01 16:27
    VLAI
    Summary
    Buffer overflow in wu-ftp from PASV command causes a core dump.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:27:57.363Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in wu-ftp from PASV command causes a core dump."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T06:35:14.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0076",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in wu-ftp from PASV command causes a core dump."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0076",
        "datePublished": "2000-02-04T05:00:00.000Z",
        "dateReserved": "1999-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:27:57.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0156 (GCVE-0-1999-0156)

    Vulnerability from cvelistv5 – Published: 2000-02-04 05:00 – Updated: 2024-08-01 16:27
    VLAI
    Summary
    wu-ftpd FTP daemon allows any user and password combination.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:27:57.740Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cve.org/CVERecord?id=CVE-1999-0156"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd FTP daemon allows any user and password combination."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T08:23:51.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cve.org/CVERecord?id=CVE-1999-0156"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0156",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd FTP daemon allows any user and password combination."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cve.org/CVERecord?id=CVE-1999-0156",
                  "refsource": "MISC",
                  "url": "https://www.cve.org/CVERecord?id=CVE-1999-0156"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0156",
        "datePublished": "2000-02-04T05:00:00.000Z",
        "dateReserved": "1999-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:27:57.740Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0955 (GCVE-0-1999-0955)

    Vulnerability from cvelistv5 – Published: 2000-01-18 05:00 – Updated: 2024-08-01 16:55
    VLAI
    Summary
    Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:55:29.331Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T08:15:32.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0955",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0955",
        "datePublished": "2000-01-18T05:00:00.000Z",
        "dateReserved": "1999-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:55:29.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0878 (GCVE-0-1999-0878)

    Vulnerability from cvelistv5 – Published: 2000-01-04 05:00 – Updated: 2024-08-01 16:55
    VLAI
    Summary
    Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/599 vdb-entryx_refsource_BID
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:55:28.843Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "599",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/599"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-17T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "599",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/599"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0878",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "599",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/599"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0878",
        "datePublished": "2000-01-04T05:00:00.000Z",
        "dateReserved": "1999-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:55:28.843Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0368 (GCVE-0-1999-0368)

    Vulnerability from cvelistv5 – Published: 1999-09-29 04:00 – Updated: 2024-08-01 16:34
    VLAI
    Summary
    Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:34:51.941Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T07:24:14.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0368",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0368",
        "datePublished": "1999-09-29T04:00:00.000Z",
        "dateReserved": "1999-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:34:51.941Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0075 (GCVE-0-1999-0075)

    Vulnerability from cvelistv5 – Published: 1999-09-29 04:00 – Updated: 2024-08-01 16:27
    VLAI
    Summary
    PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/5742 vdb-entryx_refsource_OSVDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:27:57.161Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5742",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/5742"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5742",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/5742"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0075",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5742",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/5742"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0075",
        "datePublished": "1999-09-29T04:00:00.000Z",
        "dateReserved": "1999-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:27:57.161Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0017 (GCVE-0-1999-0017)

    Vulnerability from cvelistv5 – Published: 1999-09-29 04:00 – Updated: 2024-08-01 16:27
    VLAI
    Summary
    FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:27:56.465Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-08-17T06:25:22.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0017",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0017",
        "datePublished": "1999-09-29T04:00:00.000Z",
        "dateReserved": "1999-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:27:56.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0256 (GCVE-0-2005-0256)

    Vulnerability from nvd – Published: 2005-02-25 05:00 – Updated: 2024-08-07 21:05
    VLAI
    Summary
    The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/18210 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.vupen.com/english/advisories/2006/1271 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2005/0588 vdb-entryx_refsource_VUPEN
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://secunia.com/advisories/14411 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://itrc.hp.com/service/cki/docDisplay.do?docI… vendor-advisoryx_refsource_HP
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://secunia.com/advisories/19561 third-party-advisoryx_refsource_SECUNIA
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.osvdb.org/14203 vdb-entryx_refsource_OSVDB
    Date Public
    2005-02-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:05:25.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "18210",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18210"
              },
              {
                "name": "oval:org.mitre.oval:def:1762",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
              },
              {
                "name": "ADV-2006-1271",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1271"
              },
              {
                "name": "ADV-2005-0588",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/0588"
              },
              {
                "name": "57795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
              },
              {
                "name": "14411",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14411"
              },
              {
                "name": "oval:org.mitre.oval:def:1265",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
              },
              {
                "name": "HPSBUX02110",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
              },
              {
                "name": "101699",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
              },
              {
                "name": "SCOSA-2005.63",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
              },
              {
                "name": "19561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19561"
              },
              {
                "name": "SSRT061110",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
              },
              {
                "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
              },
              {
                "name": "oval:org.mitre.oval:def:1333",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
              },
              {
                "name": "14203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/14203"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-02-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "18210",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18210"
            },
            {
              "name": "oval:org.mitre.oval:def:1762",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
            },
            {
              "name": "ADV-2006-1271",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1271"
            },
            {
              "name": "ADV-2005-0588",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/0588"
            },
            {
              "name": "57795",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
            },
            {
              "name": "14411",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14411"
            },
            {
              "name": "oval:org.mitre.oval:def:1265",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
            },
            {
              "name": "HPSBUX02110",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
            },
            {
              "name": "101699",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
            },
            {
              "name": "SCOSA-2005.63",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
            },
            {
              "name": "19561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19561"
            },
            {
              "name": "SSRT061110",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
            },
            {
              "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
            },
            {
              "name": "oval:org.mitre.oval:def:1333",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
            },
            {
              "name": "14203",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/14203"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "18210",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18210"
                },
                {
                  "name": "oval:org.mitre.oval:def:1762",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1762"
                },
                {
                  "name": "ADV-2006-1271",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1271"
                },
                {
                  "name": "ADV-2005-0588",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/0588"
                },
                {
                  "name": "57795",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57795-1"
                },
                {
                  "name": "14411",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14411"
                },
                {
                  "name": "oval:org.mitre.oval:def:1265",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1265"
                },
                {
                  "name": "HPSBUX02110",
                  "refsource": "HP",
                  "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
                },
                {
                  "name": "101699",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101699-1"
                },
                {
                  "name": "SCOSA-2005.63",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63/SCOSA-2005.63.txt"
                },
                {
                  "name": "19561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19561"
                },
                {
                  "name": "SSRT061110",
                  "refsource": "HP",
                  "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00637342"
                },
                {
                  "name": "20050225 WU-FTPD File Globbing Denial of Service Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=207\u0026type=vulnerabilities"
                },
                {
                  "name": "oval:org.mitre.oval:def:1333",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1333"
                },
                {
                  "name": "14203",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/14203"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0256",
        "datePublished": "2005-02-25T05:00:00.000Z",
        "dateReserved": "2005-02-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:05:25.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0148 (GCVE-0-2004-0148)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.debian.org/security/2004/dsa-457 vendor-advisoryx_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/11055 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20168 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=108999466902690&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/9832 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-096.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.frsirt.com/english/advisories/2006/1867 third-party-advisoryx_refsource_FRSIRT
    Date Public
    2004-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "wuftpd-restrictedgid-gain-access(15423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
              },
              {
                "name": "oval:org.mitre.oval:def:1637",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
              },
              {
                "name": "102356",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
              },
              {
                "name": "DSA-457",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-457"
              },
              {
                "name": "oval:org.mitre.oval:def:1147",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
              },
              {
                "name": "11055",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11055"
              },
              {
                "name": "20168",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20168"
              },
              {
                "name": "SSRT4704",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
              },
              {
                "name": "9832",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9832"
              },
              {
                "name": "oval:org.mitre.oval:def:648",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
              },
              {
                "name": "RHSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
              },
              {
                "name": "oval:org.mitre.oval:def:1636",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
              },
              {
                "name": "ADV-2006-1867",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_FRSIRT",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/advisories/2006/1867"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-05-22T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "wuftpd-restrictedgid-gain-access(15423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
            },
            {
              "name": "oval:org.mitre.oval:def:1637",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
            },
            {
              "name": "102356",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
            },
            {
              "name": "DSA-457",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-457"
            },
            {
              "name": "oval:org.mitre.oval:def:1147",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
            },
            {
              "name": "11055",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11055"
            },
            {
              "name": "20168",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20168"
            },
            {
              "name": "SSRT4704",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
            },
            {
              "name": "9832",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9832"
            },
            {
              "name": "oval:org.mitre.oval:def:648",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
            },
            {
              "name": "RHSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
            },
            {
              "name": "oval:org.mitre.oval:def:1636",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
            },
            {
              "name": "ADV-2006-1867",
              "tags": [
                "third-party-advisory",
                "x_refsource_FRSIRT"
              ],
              "url": "http://www.frsirt.com/english/advisories/2006/1867"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0148",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "wuftpd-restrictedgid-gain-access(15423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423"
                },
                {
                  "name": "oval:org.mitre.oval:def:1637",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637"
                },
                {
                  "name": "102356",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1"
                },
                {
                  "name": "DSA-457",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-457"
                },
                {
                  "name": "oval:org.mitre.oval:def:1147",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147"
                },
                {
                  "name": "11055",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11055"
                },
                {
                  "name": "20168",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20168"
                },
                {
                  "name": "SSRT4704",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2"
                },
                {
                  "name": "9832",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9832"
                },
                {
                  "name": "oval:org.mitre.oval:def:648",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648"
                },
                {
                  "name": "RHSA-2004:096",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:1636",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636"
                },
                {
                  "name": "ADV-2006-1867",
                  "refsource": "FRSIRT",
                  "url": "http://www.frsirt.com/english/advisories/2006/1867"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0148",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0185 (GCVE-0-2004-0185)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2004-02-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.791Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
              },
              {
                "name": "8893",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8893"
              },
              {
                "name": "DSA-457",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-457"
              },
              {
                "name": "wuftpd-skey-bo(13518)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
              },
              {
                "name": "RHSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
            },
            {
              "name": "8893",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8893"
            },
            {
              "name": "DSA-457",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-457"
            },
            {
              "name": "wuftpd-skey-bo(13518)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
            },
            {
              "name": "RHSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0185",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/skeychallenge.patch"
                },
                {
                  "name": "8893",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8893"
                },
                {
                  "name": "DSA-457",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-457"
                },
                {
                  "name": "wuftpd-skey-bo(13518)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13518"
                },
                {
                  "name": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html",
                  "refsource": "MISC",
                  "url": "http://www.securiteam.com/unixfocus/6X00Q1P8KC.html"
                },
                {
                  "name": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt",
                  "refsource": "MISC",
                  "url": "http://unixpunx.org/txt/exploits_archive/packetstorm/0310-advisories/wuftpd-skey.txt"
                },
                {
                  "name": "RHSA-2004:096",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0185",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1329 (GCVE-0-2003-1329)

    Vulnerability from nvd – Published: 2007-05-21 20:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/34670 vdb-entryx_refsource_OSVDB
    ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_t… x_refsource_CONFIRM
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:02.819Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "34670",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34670"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ftpd.c in wu-ftpd 2.6.2, when running on \"operating systems that only allow one non-connected socket bound to the same local address,\" does not close failed connections, which allows remote attackers to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-21T20:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "34670",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34670"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1329",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ftpd.c in wu-ftpd 2.6.2, when running on \"operating systems that only allow one non-connected socket bound to the same local address,\" does not close failed connections, which allows remote attackers to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "34670",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34670"
                },
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1329",
        "datePublished": "2007-05-21T20:00:00.000Z",
        "dateReserved": "2007-05-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:39.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1327 (GCVE-0-2003-1327)

    Vulnerability from nvd – Published: 2007-05-15 10:00 – Updated: 2024-08-08 02:28
    VLAI
    Summary
    Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.slackware.org/security/viewer.php?l=sl… vendor-advisoryx_refsource_SLACKWARE
    http://securitytracker.com/id?1007775 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/8668 vdb-entryx_refsource_BID
    http://secunia.com/advisories/9835 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/2594 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2003-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:28:01.704Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "wuftp-mailadmin-sockprintf-bo(13269)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
              },
              {
                "name": "SSA:2003-259-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
              },
              {
                "name": "1007775",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1007775"
              },
              {
                "name": "8668",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8668"
              },
              {
                "name": "9835",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/9835"
              },
              {
                "name": "2594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/2594"
              },
              {
                "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "wuftp-mailadmin-sockprintf-bo(13269)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
            },
            {
              "name": "SSA:2003-259-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
            },
            {
              "name": "1007775",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1007775"
            },
            {
              "name": "8668",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8668"
            },
            {
              "name": "9835",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/9835"
            },
            {
              "name": "2594",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/2594"
            },
            {
              "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "wuftp-mailadmin-sockprintf-bo(13269)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13269"
                },
                {
                  "name": "SSA:2003-259-03",
                  "refsource": "SLACKWARE",
                  "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.365971"
                },
                {
                  "name": "1007775",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1007775"
                },
                {
                  "name": "8668",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8668"
                },
                {
                  "name": "9835",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/9835"
                },
                {
                  "name": "2594",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/2594"
                },
                {
                  "name": "20030922 Wu_ftpd all versions (not) vulnerability.",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2003-09/0348.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1327",
        "datePublished": "2007-05-15T10:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:28:01.704Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0853 (GCVE-0-2003-0853)

    Vulnerability from nvd – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/8875 vdb-entryx_refsource_BID
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.707Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "8875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8875"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-10-28T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "8875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8875"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0853",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "8875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8875"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0853",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0854 (GCVE-0-2003-0854)

    Vulnerability from nvd – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/115 exploitx_refsource_EXPLOIT-DB
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.585Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "115",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/115"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "115",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/115"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0854",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "115",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/115"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0854",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0550 (GCVE-0-2001-0550)

    Vulnerability from nvd – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:21
    VLAI
    Summary
    wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://marc.info/?l=bugtraq&m=100700363414799&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2001-33.html third-party-advisoryx_refsource_CERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.linux-mandrake.com/en/security/2001/MD… vendor-advisoryx_refsource_MANDRAKE
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www1.itrc.hp.com/service/cki/docDisplay.do… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/archive/82/180823 mailing-listx_refsource_VULN-DEV
    http://www.caldera.com/support/security/advisorie… vendor-advisoryx_refsource_CALDERA
    http://www.debian.org/security/2001/dsa-087 vendor-advisoryx_refsource_DEBIAN
    http://download.immunix.org/ImmunixOS/7.0/updates… vendor-advisoryx_refsource_IMMUNIX
    http://www.redhat.com/support/errata/RHSA-2001-157.html vendor-advisoryx_refsource_REDHAT
    http://www.kb.cert.org/vuls/id/886083 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/3581 vdb-entryx_refsource_BID
    Date Public
    2001-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:21:38.519Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SuSE-SA:2001:043",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
              },
              {
                "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
              },
              {
                "name": "CA-2001-33",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2001-33.html"
              },
              {
                "name": "wuftp-glob-heap-corruption(7611)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
              },
              {
                "name": "MDKSA-2001:090",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
              },
              {
                "name": "CLA-2001:442",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
              },
              {
                "name": "HPSBUX0107-162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
              },
              {
                "name": "20010430 some ftpd implementations mishandle CWD ~{",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULN-DEV",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/82/180823"
              },
              {
                "name": "CSSA-2001-041.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
              },
              {
                "name": "DSA-087",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2001/dsa-087"
              },
              {
                "name": "IMNX-2001-70-036-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
              },
              {
                "name": "RHSA-2001:157",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
              },
              {
                "name": "VU#886083",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/886083"
              },
              {
                "name": "3581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3581"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a \"~{\" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-06-16T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SuSE-SA:2001:043",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
            },
            {
              "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
            },
            {
              "name": "CA-2001-33",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2001-33.html"
            },
            {
              "name": "wuftp-glob-heap-corruption(7611)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
            },
            {
              "name": "MDKSA-2001:090",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
            },
            {
              "name": "CLA-2001:442",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
            },
            {
              "name": "HPSBUX0107-162",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
            },
            {
              "name": "20010430 some ftpd implementations mishandle CWD ~{",
              "tags": [
                "mailing-list",
                "x_refsource_VULN-DEV"
              ],
              "url": "http://www.securityfocus.com/archive/82/180823"
            },
            {
              "name": "CSSA-2001-041.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
            },
            {
              "name": "DSA-087",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2001/dsa-087"
            },
            {
              "name": "IMNX-2001-70-036-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
            },
            {
              "name": "RHSA-2001:157",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
            },
            {
              "name": "VU#886083",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/886083"
            },
            {
              "name": "3581",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3581"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0550",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a \"~{\" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SuSE-SA:2001:043",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
                },
                {
                  "name": "20011128 CORE-20011001: Wu-FTP glob heap corruption vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=100700363414799\u0026w=2"
                },
                {
                  "name": "CA-2001-33",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2001-33.html"
                },
                {
                  "name": "wuftp-glob-heap-corruption(7611)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7611"
                },
                {
                  "name": "MDKSA-2001:090",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3"
                },
                {
                  "name": "CLA-2001:442",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000442"
                },
                {
                  "name": "HPSBUX0107-162",
                  "refsource": "HP",
                  "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162"
                },
                {
                  "name": "20010430 some ftpd implementations mishandle CWD ~{",
                  "refsource": "VULN-DEV",
                  "url": "http://www.securityfocus.com/archive/82/180823"
                },
                {
                  "name": "CSSA-2001-041.0",
                  "refsource": "CALDERA",
                  "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt"
                },
                {
                  "name": "DSA-087",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2001/dsa-087"
                },
                {
                  "name": "IMNX-2001-70-036-01",
                  "refsource": "IMMUNIX",
                  "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01"
                },
                {
                  "name": "RHSA-2001:157",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2001-157.html"
                },
                {
                  "name": "VU#886083",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/886083"
                },
                {
                  "name": "3581",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3581"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0550",
        "datePublished": "2002-06-25T04:00:00.000Z",
        "dateReserved": "2001-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:21:38.519Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0935 (GCVE-0-2001-0935)

    Vulnerability from nvd – Published: 2002-02-02 05:00 – Updated: 2024-08-08 04:37
    VLAI
    Summary
    Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2001-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:37:07.294Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SuSE-SA:2001:043",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-02-06T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SuSE-SA:2001:043",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0935",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SuSE-SA:2001:043",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0935",
        "datePublished": "2002-02-02T05:00:00.000Z",
        "dateReserved": "2002-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:37:07.294Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0187 (GCVE-0-2001-0187)

    Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:14
    VLAI
    Summary
    Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:14:06.536Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2001/dsa-016"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
              },
              {
                "name": "wuftp-debug-format-string(6020)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
              },
              {
                "name": "2296",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2296"
              },
              {
                "name": "CLA-2001:443",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-016",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2001/dsa-016"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
            },
            {
              "name": "wuftp-debug-format-string(6020)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
            },
            {
              "name": "2296",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2296"
            },
            {
              "name": "CLA-2001:443",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0187",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-016",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2001/dsa-016"
                },
                {
                  "name": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch"
                },
                {
                  "name": "wuftp-debug-format-string(6020)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6020"
                },
                {
                  "name": "2296",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2296"
                },
                {
                  "name": "CLA-2001:443",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000443"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0187",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "2001-03-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:14:06.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0574 (GCVE-0-2000-0574)

    Vulnerability from nvd – Published: 2000-07-19 04:00 – Updated: 2024-08-08 05:21
    VLAI
    Summary
    FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1425 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1438 vdb-entryx_refsource_BID
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/adv… vendor-advisoryx_refsource_NETBSD
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.cert.org/advisories/CA-2000-13.html third-party-advisoryx_refsource_CERT
    Date Public
    2000-07-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:21:31.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1425"
              },
              {
                "name": "20000710 opieftpd setproctitle() patches",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
              },
              {
                "name": "1438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1438"
              },
              {
                "name": "20000706 ftpd and setproctitle()",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
              },
              {
                "name": "NetBSD-SA2000-009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
              },
              {
                "name": "20000705 proftp advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
              },
              {
                "name": "CA-2000-13",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2000-13.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-07-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1425",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1425"
            },
            {
              "name": "20000710 opieftpd setproctitle() patches",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
            },
            {
              "name": "1438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1438"
            },
            {
              "name": "20000706 ftpd and setproctitle()",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
            },
            {
              "name": "NetBSD-SA2000-009",
              "tags": [
                "vendor-advisory",
                "x_refsource_NETBSD"
              ],
              "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
            },
            {
              "name": "20000705 proftp advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
            },
            {
              "name": "CA-2000-13",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2000-13.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0574",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1425",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1425"
                },
                {
                  "name": "20000710 opieftpd setproctitle() patches",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html"
                },
                {
                  "name": "1438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1438"
                },
                {
                  "name": "20000706 ftpd and setproctitle()",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html"
                },
                {
                  "name": "NetBSD-SA2000-009",
                  "refsource": "NETBSD",
                  "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc"
                },
                {
                  "name": "20000705 proftp advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html"
                },
                {
                  "name": "CA-2000-13",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2000-13.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0574",
        "datePublished": "2000-07-19T04:00:00.000Z",
        "dateReserved": "2000-07-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:21:31.195Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }