Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

wu-ftpd MAIL_ADMIN overflow

Severity

Critical

Family

FTP

CVSSv2 Base

9.3

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Vendor Patch

Created

17 years ago

Modified

4 years ago

The remote Wu-FTPd server seems to be vulnerable to a remote flaw.

Insight

This version fails to properly check bounds on a pathname when Wu-Ftpd is compiled with MAIL_ADMIN enabled resulting in a buffer overflow. With a specially crafted request, an attacker can possibly execute arbitrary code as the user Wu-Ftpd runs as (usually root) resulting in a loss of integrity, and/or availability. It should be noted that this vulnerability is not present within the default installation of Wu-Ftpd. The server must be configured using the 'MAIL_ADMIN' option to notify an administrator when a file has been uploaded.

Solution

Upgrade to Wu-FTPd 2.6.3 when available.

Common Vulnerabilities and Exposures (CVE)

CVE-2003-1327

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

wu-ftpd MAIL_ADMIN overflow

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Solution

Solution

Common Vulnerabilities and Exposures (CVE)