CVE-2000-0133
published 2000-02-01CVE-2000-0133: Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands.
PriorityP336critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
8.01%
94.0th percentile
Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| h_nomura | tiny_ftpd | <= 1.4 | — |
| h_nomura | tiny_ftpdaemon | <= 0.52 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fhqg-mpm6-q7p8: Buffer overflow in Tiny FTPd 1
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2006-7007 [CRITICAL] GHSA-fhqg-mpm6-q7p8: Buffer overflow in Tiny FTPd 1
Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long USER command, a different vector than CVE-2000-0133.
GHSA
GHSA-jjx9-x9mv-mj56: Buffer overflows in Tiny FTPd 0
ghsa_unreviewed·2022-04-30
CVE-2000-0133 [HIGH] GHSA-jjx9-x9mv-mj56: Buffer overflows in Tiny FTPd 0
Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands.
Suricata
GPL FTP APPE overflow attempt
suricata·2010-09-23
CVE-2000-0133 GPL FTP APPE overflow attempt
GPL FTP APPE overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP APPE overflow attempt"; flow:established,to_server; content:"APPE"; nocase; isdataat:100,relative; pcre:"/^APPE\s[^\n]{100}/smi"; reference:bugtraq,8315; reference:bugtraq,8542; reference:cve,2000-0133; reference:cve,2003-0466; classtype:attempted-admin; sid:2102391; rev:12; metadata:created_at 2010_09_23, cve CVE_2000_0133, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP RMD overflow attempt
suricata·2010-09-23
CVE-2000-0133 GPL FTP RMD overflow attempt
GPL FTP RMD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP RMD overflow attempt"; flow:established,to_server; content:"RMD"; nocase; isdataat:100,relative; pcre:"/^RMD\s[^\n]{100}/smi"; reference:bugtraq,2972; reference:cve,2000-0133; reference:cve,2001-0826; reference:cve,2001-1021; classtype:attempted-admin; sid:2101976; rev:11; metadata:created_at 2010_09_23, cve CVE_2000_0133, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP RNTO overflow attempt
suricata·2010-09-23
CVE-2000-0133 GPL FTP RNTO overflow attempt
GPL FTP RNTO overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP RNTO overflow attempt"; flow:established,to_server; content:"RNTO"; nocase; isdataat:100,relative; pcre:"/^RNTO\s[^\n]{100}/smi"; reference:bugtraq,8315; reference:cve,2000-0133; reference:cve,2001-1021; reference:cve,2003-0466; classtype:attempted-admin; sid:2102389; rev:9; metadata:created_at 2010_09_23, cve CVE_2000_0133, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL FTP XMKD overflow attempt
suricata·2010-09-23
CVE-2000-0133 GPL FTP XMKD overflow attempt
GPL FTP XMKD overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP XMKD overflow attempt"; flow:established,to_server; content:"XMKD"; nocase; isdataat:100,relative; pcre:"/^XMKD\s[^\n]{100}/smi"; reference:bugtraq,7909; reference:cve,2000-0133; reference:cve,2001-1021; classtype:attempted-admin; sid:2102373; rev:6; metadata:created_at 2010_09_23, cve CVE_2000_0133, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
No writeups or analysis indexed.
2000-02-01
Published