CVE-1999-1326

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.9%

top 24.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Washington University Wu-ftpd

Timeline

PublishedJul 4

Latest updateApr 30

Description

wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDwashington_university/wu-ftpd2.4

🔴Vulnerability Details

GHSA

GHSA-3c64-pg4p-f5fw: wu-ftpd 2↗2022-04-30

▶

CVEList

CVE-1999-1326: wu-ftpd 2↗2002-03-09

▶