Vulnerabilities > CVE-1999-0075 - Unspecified vulnerability in Washington University Wu-Ftpd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | FTP |
| NASL id | FTP_PASV_ON_CONNECT.NASL |
| description | The remote FTP server fails to handle QUOTE PASV requests for logged in users. An attacker can send a specially crafted requests to cause the service to die and dump core. The core file contains the usernames and passwords of all users. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10086 |
| published | 1999-06-22 |
| reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10086 |
| title | WU-FTPD QUOTE PASV Forced Core Dump Information Disclosure |