Vulnerabilities > CVE-2000-0573 - Unspecified vulnerability in HP Hp-Ux 11.00
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
Exploit-Db
description BeroFTPD 1.3.4(1) Linux x86 Remote Root Exploit. CVE-2000-0573. Remote exploit for linux platform id EDB-ID:269 last seen 2016-01-31 modified 2001-05-08 published 2001-05-08 reporter qitest1 source https://www.exploit-db.com/download/269/ title BeroFTPD 1.3.41 - Remote Root Exploit Linux x86 description wu-ftpd 2.6.0 Remote Root Exploit. CVE-2000-0573. Remote exploits for multiple platform id EDB-ID:201 last seen 2016-01-31 modified 2000-11-21 published 2000-11-21 reporter venglin source https://www.exploit-db.com/download/201/ title wu-ftpd 2.6.0 - Remote Root Exploit description wu-ftpd 2.6.0 Remote Format Strings Exploit. CVE-2000-0573. Remote exploit for solaris platform id EDB-ID:239 last seen 2016-01-31 modified 2001-01-03 published 2001-01-03 reporter kalou source https://www.exploit-db.com/download/239/ title wu-ftpd 2.6.0 - Remote Format Strings Exploit description wu-ftpd 2.4.2/2.5 .0/2.6 .0 Remote Format String Stack Overwrite (2). CVE-2000-0573. Remote exploit for linux platform id EDB-ID:20031 last seen 2016-02-02 modified 2000-09-26 published 2000-09-26 reporter vsz_ source https://www.exploit-db.com/download/20031/ title wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite 2 description wu-ftpd 2.4.2/2.5 .0/2.6 .0 Remote Format String Stack Overwrite (3). CVE-2000-0573. Remote exploit for lin_x86 platform id EDB-ID:20032 last seen 2016-02-02 modified 2001-05-04 published 2001-05-04 reporter justme source https://www.exploit-db.com/download/20032/ title wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite 3 description wu-ftpd 2.4.2/2.5 .0/2.6 .0 Remote Format String Stack Overwrite (1). CVE-2000-0573. Remote exploit for unix platform id EDB-ID:20030 last seen 2016-02-02 modified 1999-10-15 published 1999-10-15 reporter tf8 source https://www.exploit-db.com/download/20030/ title wu-ftpd 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite 1 description wu-ftpd SITE EXEC/INDEX Format String Vulnerability. CVE-2000-0573. Remote exploit for linux platform id EDB-ID:16311 last seen 2016-02-01 modified 2010-11-30 published 2010-11-30 reporter metasploit source https://www.exploit-db.com/download/16311/ title wu-ftpd - SITE EXEC/INDEX Format String Vulnerability
Metasploit
description | This module exploits a format string vulnerability in versions of the Washington University FTP server older than 2.6.1. By executing specially crafted SITE EXEC or SITE INDEX commands containing format specifiers, an attacker can corrupt memory and execute arbitrary code. |
id | MSF:EXPLOIT/MULTI/FTP/WUFTPD_SITE_EXEC_FORMAT |
last seen | 2020-04-11 |
modified | 2017-07-24 |
published | 2009-12-06 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0573 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/ftp/wuftpd_site_exec_format.rb |
title | WU-FTPD SITE EXEC/INDEX Format String Vulnerability |
Nessus
NASL family | FTP |
NASL id | WU_FTPD_SITE_EXEC.NASL |
description | The version of WU-FTPD hosted on the remote server does not properly sanitize the argument of the SITE EXEC command. It may be possible for a remote attacker to gain root access. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10452 |
published | 2000-06-27 |
reporter | This script is Copyright (C) 2000-2018 A. de Bernis |
source | https://www.tenable.com/plugins/nessus/10452 |
title | WU-FTPD site_exec() Function Remote Format String |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/84534/wuftpd_site_exec_format.rb.txt |
id | PACKETSTORM:84534 |
last seen | 2016-12-05 |
published | 2009-12-31 |
reporter | jduck |
source | https://packetstormsecurity.com/files/84534/Wu-ftpd-SITE-EXEC-INDEX-Format-String-Vulnerability.html |
title | Wu-ftpd SITE EXEC/INDEX Format String Vulnerability |
Redhat
advisories |
|
References
- http://www.cert.org/advisories/CA-2000-13.html
- ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
- http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
- http://www.redhat.com/support/errata/RHSA-2000-039.html
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
- http://www.securityfocus.com/bid/1387
- http://marc.info/?l=bugtraq&m=96171893218000&w=2
- http://marc.info/?l=bugtraq&m=96299933720862&w=2
- http://marc.info/?l=bugtraq&m=96179429114160&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com