What is CVE-2000-0573?

CVE-2000-0573 is a vulnerability in N/a. Published 2001-05-07.

Is CVE-2000-0573 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2000-0573

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

EPSS: 0.915 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

CA-2000-13 (x_refsource_CERT, third-party-advisory)
20000707 New Released Version of the WuFTPD Sploit (mailing-list, x_refsource_BUGTRAQ)
RHSA-2000:039 (x_refsource_REDHAT, vendor-advisory)
CSSA-2000-020.0 (x_refsource_CALDERA, vendor-advisory)
20000622 WuFTPD: Providing *remote* root since at least1994 (mailing-list, x_refsource_BUGTRAQ)
20000702 [Security Announce] wu-ftpd update (mailing-list, x_refsource_BUGTRAQ)
20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release) (mailing-list, x_refsource_BUGTRAQ)
1387 (vdb-entry, x_refsource_BID)
20000623 WUFTPD 2.6.0 remote root exploit (mailing-list, x_refsource_BUGTRAQ)
20000623 ftpd: the advisory version (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2000-0573?: CVE-2000-0573 is a vulnerability in N/a. Published 2001-05-07.
Is CVE-2000-0573 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.