Описание
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:millenux_gmbh:anonftp:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:university_of_washington:wu-ftpd:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:university_of_washington:wu-ftpd:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:university_of_washington:wu-ftpd:2.6.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03822
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 25 лет назад
wu-ftp with FTP conversion enabled allows an attacker to execute comma ...
github
около 3 лет назад
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
EPSS
Процентиль: 88%
0.03822
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other