CVE-1999-0950

WFTPD - Buffer Overflow via Nested MKD and CWD Commands

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0950. PoCs published by Alberto Solino, Alberto Soli.

AI-analyzed exploit summary The provided text describes a remote buffer overflow vulnerability in WFTPD due to insufficient bounds checking on MKD and CWD arguments. An authenticated attacker can exploit this to execute arbitrary code in the context of the affected service.

Description

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.

Exploits (2)

exploitdb WRITEUP VERIFIED

by Alberto Solino · textremotewindows

https://www.exploit-db.com/exploits/19570

View Code ZIP pw:eip

The provided text describes a remote buffer overflow vulnerability in WFTPD due to insufficient bounds checking on MKD and CWD arguments. An authenticated attacker can exploit this to execute arbitrary code in the context of the affected service.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: WFTPD

Auth required

Prerequisites: Authenticated access to the WFTPD service

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Alberto Soli · perldoswindows

https://www.exploit-db.com/exploits/19569

View Code ZIP pw:eip

This Perl script demonstrates a remote buffer overflow vulnerability in multiple FTP, SMTP, POP3, and HTTP servers by sending excessively long strings to trigger a denial-of-service (DoS) condition. It targets specific versions of various servers, including WFTPD FTP Server v2.40, by exploiting insufficient bounds checking in commands like MKD and CWD.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Multiple servers including WFTPD FTP Server v2.40, G6 FTP Server v2.0b4/5, MDaemon httpd Server v2.8.5.0, and others

Auth required

Prerequisites: Network access to the target server · Perl environment with IO::Socket and optionally Net::Telnet modules

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/747

Scores

EPSS 0.0811

EPSS Percentile 94.1%

Details

Status published

Products (2)

texas_imperial_software/wftpd 2.34

texas_imperial_software/wftpd 2.40

Published Oct 28, 1999

Tracked Since Feb 18, 2026