Lucene search
HistoryApr 25, 2000 - 4:00 a.m.
CVE-1999-0997
cve-1999-0997
wu-ftp
ftp conversion
command execution vulnerability
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.6 Medium
AI Score
Confidence
Low
0.125 Low
EPSS
Percentile
95.5%
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
Affected configurations
Node
millenux_gmbhanonftpMatch2.8.1
ORuniversity_of_washingtonwu-ftpdMatch2.4.2
ORuniversity_of_washingtonwu-ftpdMatch2.5.0
ORuniversity_of_washingtonwu-ftpdMatch2.6.0
Node
redhatlinuxMatch5.2
ORredhatlinuxMatch6.0
ORredhatlinuxMatch6.1
References
Related
nessus
nessus
Debian DSA-377-1 : wu-ftpd - insecure program execution
2004-09-29 00:00:00
slackware
slackware
WU-FTPD Security Advisory
2003-09-23 23:07:06
debian
debian
[SECURITY] [DSA-377-1] New wu-ftpd packages fix insecure program execution
2003-09-05 01:03:18
openvas
openvas
Slackware: Security Advisory (SSA:2003-259-03)
2012-09-10 00:00:00
Debian Security Advisory DSA 377-1 (wu-ftpd)
2008-01-17 00:00:00
Slackware Advisory SSA:2003-259-03 WU-FTPD Security Advisory
2012-09-11 00:00:00
nvd
nvd
CVE-1999-0997
1999-12-20 05:00:00
redhatcve
redhatcve
CVE-1999-0997
2015-10-30 09:22:06
securityvulns
securityvulns
[SECURITY] [DSA-377-1] New wu-ftpd packages fix insecure program execution
2003-09-06 00:00:00
osv
osv
wu-ftpd - insecure program execution
2003-09-04 00:00:00
cvelist
cvelist
CVE-1999-0997
2000-04-25 04:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.6 Medium
AI Score
Confidence
Low
0.125 Low
EPSS
Percentile
95.5%
Related for CVE-1999-0997