CyberSec.Space Logo
Back to CVE Browser

CVE-1999-0080

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1930%
EPSS Percentile43.42th
PublishedNov 30, 1995
Last ModifiedApr 16, 2026

Vulnerability Description

Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.

Affected Platforms (CPE)

📦
Washington University

Wu Ftpd

= 2.4

References & Advisories

🔗 https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html
🔗 https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html

Related Vulnerabilities

CVE-1999-036810.0

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVE-1999-008210.0

CWD ~root command in ftpd allows root access.

CVE-1999-066110.0

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP...

CVE-1999-087810.0

Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.