ID CVE-1999-0082
Summary CWD ~root command in ftpd allows root access.
References
Vulnerable Configurations
  • cpe:2.3:a:ftp:ftp
    cpe:2.3:a:ftp:ftp
  • cpe:2.3:a:ftpcd:ftpcd
    cpe:2.3:a:ftpcd:ftpcd
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family FTP
NASL id FTP_CWD_ROOT.NASL
description The remote FTP server is affected by a flaw that may allow a remote attacker to gain unauthorized privileges. An attacker can exploit this flaw by issuing a specially crafted request to the 'CWD ~root' command.
last seen 2019-02-21
modified 2018-08-31
plugin id 10083
published 1999-06-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10083
title FTP 'CWD ~root' Command Privilege Escalation
refmap via4
farmervenema Improving the Security of Your Site by Breaking Into it
xf ftp-cwd
Last major update 09-09-2008 - 08:33
Published 11-11-1988 - 00:00
Back to Top