Vulnerability Description
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Washington University | Wu-Ftpd | 2.4 |
References
- https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.
- https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.
FAQ
What is CVE-1999-0080?
CVE-1999-0080 is a vulnerability with a CVSS score of 10.0 (HIGH). Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "...
How severe is CVE-1999-0080?
CVE-1999-0080 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-0080?
Check the references section above for vendor advisories and patch information. Affected products include: Washington University Wu-Ftpd.