Back to CVE Browser

CVE-2006-5826

MEDIUM

5.8

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile0.87th

PublishedNov 10, 2006

Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) characters.

Affected Platforms (CPE)

📦

Texas Imperial Software

Wftpd

= 3.23.1.1

References & Advisories

🔗 http://marc.info/?l=full-disclosure&m=116289234522958&w=2

🔗 http://marc.info/?l=full-disclosure&m=116295408114746&w=2

🔗 http://securityreason.com/securityalert/1837

🔗 http://securitytracker.com/id?1017173

🔗 http://www.securityfocus.com/archive/1/450851/100/0/threaded

🔗 http://www.securityfocus.com/bid/20942

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30079

🔗 https://www.exploit-db.com/exploits/2734

Related Vulnerabilities

CVE-1999-095010.0

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create n...

CVE-2001-029610.0

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.

CVE-2001-13867.5

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypa...

CVE-2001-06947.5

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD...