CVE Vulnerabilities

CVE-2003-0466

Published: Aug 27, 2003 | Modified: May 03, 2018
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 10 HIGH (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.

Affected Software

Name      Vendor                 Start Version   End Version
Wu_ftpd   Redhat                 2.6.1-16        2.6.1-16
Wu_ftpd   Redhat                 2.6.1-16        2.6.1-16
Wu_ftpd   Redhat                 2.6.1-18        2.6.1-18
Wu_ftpd   Redhat                 2.6.1-18        2.6.1-18
Wu_ftpd   Redhat                 2.6.2-5         2.6.2-5
Wu_ftpd   Redhat                 2.6.2-8         2.6.2-8
Wu-ftpd   Washington_university  2.5.0           2.5.0
Wu-ftpd   Washington_university  2.6.0           2.6.0
Wu-ftpd   Washington_university  2.6.1           2.6.1
Wu-ftpd   Washington_university  2.6.2           2.6.2
