CVE-2000-0573

wu-ftpd <2.6.0 - Code Injection

Title source: llm

Description

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Exploits (8)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/16311
exploitdb WORKING POC VERIFIED
by qitest1 · cremotelinux_x86
https://www.exploit-db.com/exploits/269
exploitdb WRITEUP VERIFIED
by justme · textremotelinux_x86
https://www.exploit-db.com/exploits/20032
exploitdb WORKING POC VERIFIED
by kalou · cremotesolaris
https://www.exploit-db.com/exploits/239
exploitdb WORKING POC VERIFIED
by venglin · cremotemultiple
https://www.exploit-db.com/exploits/201
exploitdb WORKING POC VERIFIED
by vsz_ · cremotelinux
https://www.exploit-db.com/exploits/20031
exploitdb WORKING POC VERIFIED
by tf8 · cremoteunix
https://www.exploit-db.com/exploits/20030
metasploit WORKING POC GREAT
by jduck · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb

References (14)

Scores

EPSS 0.9145
EPSS Percentile 99.7%

Details

Status published
Products (1)
hp/hp-ux 11.00
Published Jul 07, 2000
Tracked Since Feb 18, 2026