Vulnerability in N/a
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATH…
EPSS: 0.908 (99.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) (mailing-list, x_refsource_BUGTRAQ)
- isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt (x_refsource_MISC)
- 9446 (x_refsource_SECUNIA, third-party-advisory)
- 6602 (x_refsource_OSVDB, vdb-entry)
- oval:org.mitre.oval:def:1970 (signature, x_refsource_OVAL, vdb-entry)
- 20060213 Latest wu-ftpd exploit :-s (mailing-list, x_refsource_BUGTRAQ)
- 8315 (vdb-entry, x_refsource_BID)
- 9423 (x_refsource_SECUNIA, third-party-advisory)
- 20030731 wu-ftpd fb_realpath() off-by-one bug (mailing-list, x_refsource_BUGTRAQ)
- 20030731 wu-ftpd fb_realpath() off-by-one bug (mailing-list, x_refsource_VULNWATCH)