Описание
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
Ссылки
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:david_madore:ftpd-bsd:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:david_madore:ftpd-bsd:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:washington_university:wu-ftpd:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:washington_university:wu-ftpd:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:washington_university:wu-ftpd:2.6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.73511
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
около 24 лет назад
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
github
около 3 лет назад
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
EPSS
Процентиль: 99%
0.73511
Высокий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other