Vulnerabilities > Washington University > WU Ftpd > 2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-11-28 | CVE-2001-0935 | Remote Security vulnerability in Washington University Wu-Ftpd 2.4/2.6.0/2.6.1 Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550. | 7.5 |
1997-12-10 | CVE-1999-0017 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | 7.5 |
1997-07-04 | CVE-1999-1326 | Unspecified vulnerability in Washington University Wu-Ftpd 2.4 wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | 5.0 |
1995-11-30 | CVE-1999-0080 | Unspecified vulnerability in Washington University Wu-Ftpd 2.4 Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. | 10.0 |