wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a ~{ argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ftpd-bsd | David_madore | 0.3.2 (including) | 0.3.2 (including) |
Ftpd-bsd | David_madore | 0.3.3 (including) | 0.3.3 (including) |
Wu-ftpd | Washington_university | 2.5.0 (including) | 2.5.0 (including) |
Wu-ftpd | Washington_university | 2.6.0 (including) | 2.6.0 (including) |
Wu-ftpd | Washington_university | 2.6.1 (including) | 2.6.1 (including) |
Red Hat Linux 6.2 | RedHat | * | |
Red Hat Linux 7.0 | RedHat | * | |
Red Hat Linux 7.1 | RedHat | * | |
Red Hat Linux 7.2 | RedHat | * |