Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0699Use of Externally-Controlled Format String in HP Hp-ux

5 documents5 sources
Severity
10.0CRITICALNVD
EPSS
4.4%
top 10.92%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Hp-ux
Timeline
PublishedOct 20
Latest updateFeb 7

Description

Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDhp/hp-ux10.20, 11.00+1

🔴Vulnerability Details

2
GHSA
GHSA-rgwr-fg6p-5whf: Format string vulnerability in ftpd in HP-UX 102022-04-30
CVEList
CVE-2000-0699: Format string vulnerability in ftpd in HP-UX 102002-03-09

💥Exploits & PoCs

1
Exploit-DB
HP-UX FTPD - Remote Buffer Overflow2000-12-01

📋Vendor Advisories

1
Chrome
Stable Channel Update for Desktop: CVE-2023-06992023-02-07
CVE-2000-0699 — HP Hp-ux vulnerability | cvebase