Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2004-0148

CVE information

Published

18 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead..

CVSSv2.0 Score

Severity
High
Base Score
7.2/10
Exploit Score
3.9/10
Access Vector
Local
Access Complexity
Low
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:acade
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr14:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.5.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr17:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr16:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.6.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.6.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr15:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta2:*:academ
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr10:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr11:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr6:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr12:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr13:*:
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr8:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr7:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.6.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4:*:*
  Yes
- -
cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5:*:*
  Yes
- -