CVE-2001-0187
wu-ftpd 2.6.1 - Remote Code Execution via Format String in PASV Port Assignment
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0187. PoCs published by Wu-ftpd team.
AI-analyzed exploit summary This is a writeup demonstrating a format string vulnerability in Wu-ftpd when running in debug mode. The vulnerability allows an attacker to exploit insecure logging to syslog by manipulating hostname resolution, potentially leading to remote root access.
Description
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
Exploits (1)
This is a writeup demonstrating a format string vulnerability in Wu-ftpd when running in debug mode. The vulnerability allows an attacker to exploit insecure logging to syslog by manipulating hostname resolution, potentially leading to remote root access.