Vulnerability Description
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Millenux Gmbh | Anonftp | 2.8.1 |
| University Of Washington | Wu-Ftpd | 2.4.2 |
| Redhat | Linux | 5.2 |
References
FAQ
What is CVE-1999-0997?
CVE-1999-0997 is a vulnerability with a CVSS score of 7.5 (HIGH). wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
How severe is CVE-1999-0997?
CVE-1999-0997 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-0997?
Check the references section above for vendor advisories and patch information. Affected products include: Millenux Gmbh Anonftp, University Of Washington Wu-Ftpd, Redhat Linux.