CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0573

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile24.50th
PublishedJul 7, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Affected Platforms (CPE)

πŸ’»
Hp

Hp Ux

= 11.00

References & Advisories

πŸ”— ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
πŸ”— ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
πŸ”— ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
πŸ”— http://marc.info/?l=bugtraq&m=96171893218000&w=2
πŸ”— http://marc.info/?l=bugtraq&m=96179429114160&w=2
πŸ”— http://marc.info/?l=bugtraq&m=96299933720862&w=2

Related Vulnerabilities

CVE-2000-004010.0

glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.

CVE-2000-037410.0

The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from an...

CVE-2000-008110.0

Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by usin...

CVE-2000-001710.0

Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.