CVE-2005-0958

YepYep mtftpd <0.0.3 - RCE

Title source: llm

Description

Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by darkeagle · cremotelinux

https://www.exploit-db.com/exploits/902

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/12947

[Various Sources] http://www.tripbit.org/advisories/TA-040305.txt

[Exploit] http://www.securiteam.com/exploits/5KP0W0AF5K.html

[Exploit, URL Repurposed] http://unl0ck.org/files/papers/mtftpd.txt

Scores

EPSS 0.1326

EPSS Percentile 94.2%

Details

Status published

Products (3)

yepyep/mtftpd 0.1a

yepyep/mtftpd 0.2

yepyep/mtftpd 0.3

Published May 02, 2005

Tracked Since Feb 18, 2026