CVE Vulnerabilities

CVE-2003-1327

Published: Dec 31, 2003 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux * *
Wu-ftpd Ubuntu dapper *
Wu-ftpd Ubuntu devel *
Wu-ftpd Ubuntu edgy *
Wu-ftpd Ubuntu feisty *
Wu-ftpd Ubuntu gutsy *
Wu-ftpd Ubuntu hardy *
Wu-ftpd Ubuntu intrepid *
Wu-ftpd Ubuntu jaunty *
Wu-ftpd Ubuntu karmic *

References