CVE-2000-0574 | Vulnerability Database | Aqua Security

FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.

Affected Software

Name	Vendor	Start Version	End Version
Ftpd	Openbsd	5.51 (including)	5.51 (including)
Ftpd	Openbsd	5.60 (including)	5.60 (including)
Wu-ftpd	Washington_university	2.4.2_beta1 (including)	2.4.2_beta1 (including)
Wu-ftpd	Washington_university	2.4.2_beta18 (including)	2.4.2_beta18 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr4 (including)	2.4.2_beta18_vr4 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr5 (including)	2.4.2_beta18_vr5 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr6 (including)	2.4.2_beta18_vr6 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr7 (including)	2.4.2_beta18_vr7 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr8 (including)	2.4.2_beta18_vr8 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr9 (including)	2.4.2_beta18_vr9 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr10 (including)	2.4.2_beta18_vr10 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr11 (including)	2.4.2_beta18_vr11 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr12 (including)	2.4.2_beta18_vr12 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr13 (including)	2.4.2_beta18_vr13 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr14 (including)	2.4.2_beta18_vr14 (including)
Wu-ftpd	Washington_university	2.4.2_beta18_vr15 (including)	2.4.2_beta18_vr15 (including)
Wu-ftpd	Washington_university	2.4.2_vr16 (including)	2.4.2_vr16 (including)
Wu-ftpd	Washington_university	2.4.2_vr17 (including)	2.4.2_vr17 (including)
Wu-ftpd	Washington_university	2.5 (including)	2.5 (including)
Wu-ftpd	Washington_university	2.6 (including)	2.6 (including)

References

ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc
http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html
http://www.cert.org/advisories/CA-2000-13.html
http://www.securityfocus.com/bid/1425
http://www.securityfocus.com/bid/1438
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-009.txt.asc
http://archives.neohapsis.com/archives/bugtraq/2000-07/0031.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0061.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0121.html
http://www.cert.org/advisories/CA-2000-13.html
http://www.securityfocus.com/bid/1425
http://www.securityfocus.com/bid/1438

NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0574
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html