Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2003-0466 — Off-by-one Error in Wu-ftpd
Severity
9.8CRITICALNVD
EPSS
90.8%
top 0.37%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
PublishedAug 27
Latest updateMay 3
Description
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages8 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-7c4w-gm97-vgqq: Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demons↗2022-05-03
CVEList▶
CVE-2003-0466: Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demons↗2003-08-01