Vulnerabilities > CVE-1999-0075 - Unspecified vulnerability in Washington University Wu-Ftpd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | FTP |
NASL id | FTP_PASV_ON_CONNECT.NASL |
description | The remote FTP server fails to handle QUOTE PASV requests for logged in users. An attacker can send a specially crafted requests to cause the service to die and dump core. The core file contains the usernames and passwords of all users. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10086 |
published | 1999-06-22 |
reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10086 |
title | WU-FTPD QUOTE PASV Forced Core Dump Information Disclosure |