CVE-2001-0550

EXPLOITED

wu-ftpd 2.6.1 - Remote Command Execution via Glob Function

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2001-0550 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Teso, Core Security Technologies, gilberto47831.

AI-analyzed exploit summary This is a remote root exploit for wu-ftpd (CVE-2001-0550) targeting multiple Linux distributions. It leverages a buffer overflow vulnerability to execute arbitrary shellcode, providing remote command execution with root privileges.

Description

wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).

Exploits (3)

exploitdb WORKING POC VERIFIED
by Teso · cremotelinux
https://www.exploit-db.com/exploits/348

This is a remote root exploit for wu-ftpd (CVE-2001-0550) targeting multiple Linux distributions. It leverages a buffer overflow vulnerability to execute arbitrary shellcode, providing remote command execution with root privileges.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: wu-ftpd versions 2.4.2, 2.5.0, 2.6.0, 2.6.1
No auth needed
Prerequisites: Network access to vulnerable wu-ftpd service · Target system running a vulnerable version of wu-ftpd
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Core Security Technologies · textremoteunix
https://www.exploit-db.com/exploits/21161

This exploit demonstrates a heap-corruption vulnerability in Wu-Ftpd's file globbing implementation, leading to a segmentation fault and potential remote code execution. The PoC triggers the vulnerability by sending a malformed globbing pattern (~{) during an FTP session.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Wu-Ftpd 2.6.1-18
Auth required
Prerequisites: Access to a vulnerable Wu-Ftpd server · Valid FTP credentials (anonymous or authenticated)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP
by gilberto47831 · poc
https://github.com/gilberto47831/Network-Filesystem-Forensics

This repository contains a forensic report on post-exploitation activities targeting a honeypot exploiting CVE-2001-0550 in wu-ftpd. It provides analysis rather than functional exploit code.

Classification
Writeup 80%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: wu-ftpd
No auth needed
Prerequisites: Vulnerable wu-ftpd installation
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (14)

Core 14
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100700363414799&w=2
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2001-33.html
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2001_043_wuftpd_txt.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7611
Various Sources vendor-advisory x_refsource_mandrake
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-090.php3
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000442
Various Sources vendor-advisory x_refsource_hp
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0107-162
Third Party Advisory, VDB Entry mailing-list x_refsource_vuln-dev
http://www.securityfocus.com/archive/82/180823
Patch, Vendor Advisory vendor-advisory x_refsource_caldera
http://www.caldera.com/support/security/advisories/CSSA-2001-041.0.txt
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2001/dsa-087
Various Sources vendor-advisory x_refsource_immunix
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-036-01
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-157.html
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/886083
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3581

Scores

EPSS 0.6088
EPSS Percentile 98.3%

Details

VulnCheck KEV 2017-06-20
Status published
Products (5)
david_madore/ftpd-bsd 0.3.2
david_madore/ftpd-bsd 0.3.3
washington_university/wu-ftpd 2.5.0
washington_university/wu-ftpd 2.6.0
washington_university/wu-ftpd 2.6.1
Published Nov 30, 2001
Tracked Since Feb 18, 2026