ID CVE-2001-0187
Summary Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
References
Vulnerable Configurations
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.1
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta9:-:academ
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:-:academ
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr6
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr7
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr8
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr10
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr11
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr12
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr13
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr14
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr15
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr16
  • cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr17
  • cpe:2.3:a:washington_university:wu-ftpd:2.5
  • cpe:2.3:a:washington_university:wu-ftpd:2.6
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
exploit-db via4
description Wu-Ftpd 2.4.2/2.5/2.6 Debug Mode Client Hostname Format String Vulnerability. CVE-2001-0187. Remote exploit for unix platform
id EDB-ID:20594
last seen 2016-02-02
modified 2001-01-23
published 2001-01-23
reporter Wu-ftpd team
source https://www.exploit-db.com/download/20594/
title Wu-Ftpd 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String Vulnerability
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-016.NASL
    description Security people at WireX have noticed a temp file creation bug and the WU-FTPD development team has found a possible format string bug in wu-ftpd. Both could be remotely exploited, though no such exploit exists currently.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 14853
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14853
    title Debian DSA-016-3 : wu-ftpd - temp file creation and format string
  • NASL family FTP
    NASL id WU_FTPD_PASV_FORMAT_STRING.NASL
    description The remote WU-FTPd server, according to its version number, is vulnerable to a format string attack when running in debug mode.
    last seen 2019-02-21
    modified 2018-08-07
    plugin id 11331
    published 2003-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11331
    title WU-FTPD Debug Mode Client Hostname Remote Format String
refmap via4
bid 2296
conectiva CLA-2001:443
confirm ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_current/missing_format_strings.patch
debian DSA-016
xf wuftp-debug-format-string(6020)
statements via4
contributor Joshua Bressers
lastmodified 2006-09-27
organization Red Hat
statement Red Hat Enterprise Linux 2.1 ships with wu-ftp version 2.6.2 which is not vulnerable to this issue.
Last major update 13-09-2013 - 00:13
Published 26-03-2001 - 00:00
Last modified 09-10-2017 - 21:29